The Port of Lisbon suffered a cyber-attack on Christmas Day, raising concerns about the potential exposure of confidential information.
LockBit, who claimed the attack, said its ransomware has taken down the port’s website and internal computer systems.
Meanwhile, they have reportedly stolen financial reports, audits, budgets, contracts, cargo information, ship logs, port documentation, among other vital port-related information, whilst already having published samples of the stolen data.
LockBit has threatened to publish all of the files that were seized during their computer attack should their ransom demands of $1.5 million be left unmet by 18 January.
Despite these threats, Portuguese newspaper, Publico, has stated that no operational activity has been compromised at the Port of Lisbon, which has more than 3,500 vessel calls annually handling over 13.4 million tons of cargo.
The port’s official website, portodelisboa.pt, has been taken down and has remained inoperable since.
“All security protocols and response measures planned for this type of occurrence were quickly activated,” according to the statement cited by Publico.
“The Administration of the Port of Lisbon is working permanently and closely with all the competent authorities, in order to guarantee the security of the systems and respective data.”
Security analysts have reported that LockBit is among the most prolific and widespread ransomware gangs of 2022. Estimates indicate that over 1200 organisations worldwide have been hit by LockBit, accounting for a third of all cyberattack claims in 2022.
They have been connected to attacks ranging from European oil terminals in 2022 to a breach discovered by the California Department of Finance last month.