Ransomware: they encrypt the systems of the Port of Lisbon and ask for almost 1.5 million euros

Share This Post

- Advertisement -

The ransomware group block tip he almost asks 1.5 million euros to return critical information from the Lisbon port administration. The data was encrypted about two weeks ago.

- Advertisement -

Among the encrypted information is data that includes worker and customer information, financial reports, contracts and electronic correspondence, among others, and sets a January 18 limit.

Ransomware is a type of virus that makes information inaccessible and demands a ransom in exchange. His name is an acronym of “data rescue program”: ransom in English means ransom, and ware is an abbreviation of the well-known word software – a ransomware program. Ransomware is a subtype of malware, short for “malicious software”.

- Advertisement -

Local press in Portugal added that the cybercriminals threatened to disclose the extracted documentation in case not receive payment.

The Board of Directors of the Port of Lisbon (Portugal’s main maritime transport terminal) recently acknowledged in a statement that it was the victim of a cyber attack on December 25 and that the security protocols were “quickly” activated, “being ensured the operation of the business”.

The body added that the case has the support of the National Cyber ​​Security Center and the Portuguese Judicial Police “a ensure the security of systems and their data”.

However, he acknowledged that some service limitations may occur in the following days.

It is not the first time that the country has suffered problems related to cybercrime. Portugal has recorded cyber attacks in 2022 against several institutions, such as Vodafone Portugal, the TAP airline, the Impresa group, the Ministry of Foreign Affairs, the Lusa news agency and the MC company of the Portuguese multinational Sonae, among others.

Lockbit, one of the biggest bands

Lockbit is one of the largest cybercriminal gangs in the world. Its local victims include Osde Prepaid, which has seen a large amount of patient information leaked, and Ingenio Ledesma. Worldwide, they have successfully accessed the systems of nearly 200 victims, ranging from airlines, automotive and mining companies to media, hospitality and transportation companies.

His cell phone is purely cheap: “The higher the company’s income, the better. No deciding factors [para encritptar]If there’s a goal, you have to work at it. The location of the target doesn’t matter, we attack whoever is in our sights,” one of its members said in an interview with security firm Flashpoint.

To understand the model under which Lockbit operates, it must be taken into account that they have affiliates, in a system called RaaS: Ransomware As a Service.

“Gangs that have this mode sell their malicious code. This usually happens through the dark web: there they sell their encryption program and look for someone to distribute it. The partner or affiliate could be an employee of the attacked company or someone who purchased the service to deposit it with a victim because they have privileged access,” Arturo Torres, Threat Intelligence Strategist for FortiGuard Labs for the Americas Latin and the Caribbean, describes in Clarin. .

The port of Lisbon has fallen prey to this type of cyber crime.

Source: Clarin

- Advertisement -

Related Posts