The cybergang LockBit posted the data stolen from the Portuguese port on their leak site. The Portuguese authorities didn’t specify the nature of the attack or who was behind it. However, the LockBit ransomware gang uploaded Port of Lisbon to its leak site, a darknet website where cybercriminals announce their victims.
The gang claims to have stolen all of the data available on the port’s systems. Threat actors intentionally publicize what data was stolen to force victims into paying the ransom. LockBit demands close to $1.5m to download or destroy the data.
LockBit Ransomware, one of the few ransomware groups employing self-spreading malware technology and double encryption. LockBit first emerged as the ABCD ransomware on September 2019, which was improved to become one of the most prolific ransomware families today.
Through their professional operations and strong affiliate program, LockBit operators proved that they were in it for the long haul. Thus, being acquainted with their tactics will help organizations fortify their defenses for current and future ransomware attacks.