article featured image


Over Christmas, the Port of Lisbon administration suffered a cyberattack. The representatives of Portugal’s third-largest port said the attack did not affect operations, but the cyber incident was reported to the National Cybersecurity Center and the Judiciary Police. The company’s website was unavailable until today.

All security protocols and response measures planned for this type of occurrence were quickly activated.(…) The Administration of the Port of Lisbon (APL) is working permanently and closely with all the competent authorities, in order to guarantee the security of the systems and respective data.

Lisbon Port’s Statement for the Publico Newspaper


The Portuguese authorities did not specify the nature of the attack or who was behind it. However, the LockBit ransomware gang posted Port of Lisbon to a darknet website where cybercriminals announce their victims.

Lockbit Ransom Port of Lisbon


As part of its ransom demands, LockBit demands close to $1.5 million to download or destroy the data it claims has been stolen from the port’s systems, according to Cybernews. Threat actors publicly state what data has been stolen to force victims into paying the ransom.

More than 1,200 organizations worldwide have been the victims of LockBit, the most prolific ransomware gang of 2022. Earlier this month, the gang’s affiliates breached the Finance Department for the state of California.

If you want to learn more about this ransomware group, check out my colleague’s dedicated piece on the topic: LockBit Ransomware 101.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Madalina Popovici

Digital PR Specialist

linkedin icon

Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.