The LockBit criminal gang has continued with its ransomware efforts with an attack on the water utility company of Portugal’s second-largest city – Porto.
Águas e Energia do Porto said on February 8th it had been hit with a cyberattack, but its security team had been able to limit the damage.
The company is owned by the city and is one of the largest Portuguese water supply and wastewater sanitation companies, serving approximately half a million people.
The company is still able to process customer requests at in-person service desks, and it has urged people to get virtual service tickets that could be obtained instead of standing in line.
Public water supply and sanitation were not affected by the attack.
The LockBit group claimed the attack by adding the company to its leak site on February 18th.
LockBit has given the utility company until March 7th to pay a ransom, and in l8ne with othe attacks, have threatened to publish stolen information if the deadline passes without payment.
Not the 1st time
It seems that the attack against Águas e Energia do Porto is not the 1st time LockBit has targeted Portuguese infrastructure. In December 2022, LockBit breached and encrypted systems at Port of Lisbon, Portugal’s busiest port and one of the most heavily used across all of Europe.
Over the last two years, the country has also seen cyberattacks or ransomware incidents cripple one of their largest telecommunications providers, their largest television channel, as well as several financial and insurance institutions – although these attacks have not been attributed to the LockBit gang.
Prime targets
Utility companies are frequent targets for cyber criminals due to the wealth of personal customer information and financial data the companies typically hold.
Companies like these can often have numerous entry points due to the scale of their IT & OT networks, the use of protocols with little to no security, and the high number of 3rd party contractors & sub-contractors who have network connectivity. They offer attackers a fairly easy target.
In August 2022, a ransomware attack on South Staffordshire Water may have enabled criminals to steal customer bank details, the company said in December.
In America, law enforcement agencies said ransomware gangs have targeted five water and wastewater treatment facilities between 2019 and 2021.