>
One of Europe’s busiest seaports, the Port of Lisbon, has been hit by ransomware (opens in new tab) attack that took some of its digital systems offline.
“All security protocols and response measures provided for this type of occurrence were quickly activated, the situation was monitored by the National Cybersecurity Center and the judicial police,” a statement released by the Port of Lisbon Administration (APL) to local media earlier this week was shared. said.
The incident did not affect the port’s operations, but it did take down the official website, portodelisboa.pt.
LockBit takes responsibility
“The administration of the Port of Lisbon is working permanently and closely with all competent entities to ensure the security of the systems and the respective data,” the statement concludes.
While the company does not explicitly say it was targeted by ransomware, the LockBit ransomware operator added APL to its leak website and took responsibility for the hit.
The database it posted there reportedly includes financial reports, audits, budgets, contracts, cargo information, ship logs, crew records, customer PII (personally identifiable information), port documentation, email correspondence, and more.
In exchange for the decryptor, APL must pay $1,500,000. If these requirements are not met by January 18, 2022, the ransomware operators will leak the database online. The organization can delay the leak by a day by paying $1,000.
The port of Lisbon is not only part of the critical infrastructure of the city and the country, but also of the critical infrastructure of Europe. It is one of the most accessible ports in Europe, where overseas container ships, cruise ships and pleasure craft are the first to dock.
LockBit recently dropped a partner from its program for targeting a children’s hospital in Canada, and offered a free decryptor as an apology.
Through: Beeping computer (opens in new tab)