Portugal is not safe from cyberattacks on critical infrastructure

After the Russian invasion of Ukraine, the cyber threats targeting critical infrastructure have increased. At the same time, cybercriminals have broadened their targets, especially to European countries that have provided support to Ukraine.

Let us remember, first of all, that the month of February was marked by a series of cyberattacks on companies. To various suppliers, facilities or supply chain systems. All with the aim of causing as much damage as possible.

S21sec sheds new light on the conflict between Russia and Ukraine

Threat Landscape Report – 1st semester 2022During the first half of 2022, we have identified a significant number of cyber threats that have represented a high risk for public and private entities. Download the report here 🇪🇸https://t.co/U9LjrJWVAX🇪🇸https://t.co/7EfL60dsor pic.twitter.com/dJy6l5ZGp1

— S21sec (@S21sec) July 27, 2022

THE S21sec, the leading cybersecurity services company, produced its biannual Threat Landscape Report. ask that analyzes the evolution of cybercrime during the first half of 2022.

The report provides an overview of the most relevant threats in the first half of 2022 and is particularly poignant in its conclusions.

According to the study, which aims to analyze the main vulnerabilities and cyber-risks in strategic sectors worldwide, in the period under analysis, the energy sector has been the victim of numerous incidents caused by entities with different motivations.

On this occasion, we highlight the increase in cyberattacks aimed at destroying or paralyzing electrical infrastructure to cause as much damage as possible.

The European energy sector has suffered a series of cyberattacks


The S21sec Intelligence team concludes that, among the most significant attacks in the first half of the year, those that occurred in February stand out.

In addition, the European energy sector has suffered a series of cyberattacks directed, among others, at German, Belgian and Romanian companies.

In addition to these, there were other incidents aimed at attacking critical infrastructure, such as the data hijacking that affected an important Italian group and left its computer systems inoperative.

During the month of February, most of the attacks recorded in this sector were directed at companies in the supply chain, providers Y installations either systems support.

Attacks caused mainly by economic motivations

Thus, due to the magnitude of the consequences, cyber attacks on critical infrastructure systems have become one of the greatest dangers for society, even causing the paralysis of public services and situations of supply shortages.

“We must bear in mind that the energy infrastructures of a country are considered critical infrastructures. And that an attack against them can pose risks not only for the attacked company, but also for the public”, says Hugo Nunes, head of the S21sec Intelligence team in Portugal.

In this context, the S21sec study concluded that there have been at least 43 ransomware attacks against companies in the energy sector since January 2022.

In Portugal, One of the cyberattacks with the greatest impact occurred in the month of May in a company in the Azores. The instance affected their information systems, specifically the commercial system, for several days.

Read Also:  Jorge Lanata's Health Update: Latest Medical Report Revealed

The energy sector, one of the main sectors affected by the war


Since the beginning of the war, following the Russian invasion of Ukraine, cyber threats targeting the energy sector and critical infrastructure have increased. At the same time, the attackers expanded their targets to other European countries, especially those that support Ukraine.

Thus, entities aligned with Russia threatened to carry out operations in cyberspace in retaliation for alleged cyberoffensives against the Russian government. This, in addition to targeted attacks against countries and organizations that have positioned themselves on the opposite side.

“The vast majority of attacks observed during the development of hybrid warfare consisted of websites disfigurement and DDoS attacks (triggered by hacktivists). Through the leaking of databases and confidential information from government agencies and critical infrastructures and also through the use of specific malware (wipers). All with the aim of destroying or deleting data from critical systems in this sector”, says Hugo Nunes.

In the initial phase of the conflict between Russia and Ukraine, three cyberattacks on European wind energy production companies were recorded. All part of ransomware groups that have declared solidarity with the Russian government, such as Conti and Black Basta.

It is worth noting that although the incentive behind these groups is generally economic, it cannot be ruled out that they were also politically motivated. That is, with the aim of disrupting the operation of energy-producing companies in Europe.

Also early in the conflict, Blackcat ransomware, linked to Russian cybercriminal groups, targeted companies involved in oil and gas production and transportation.

Please note, however, that Blackcat ransomware-as-a-service, which was activated in November 2021, is mainly distributed via email.

Therefore, when the victim downloads and opens the email attachment, the malware starts executing on the machine and later various sophisticated techniques are used with the ultimate goal of encrypting the organization’s files.

“One of the particularities of Blackcat is the use of the triple extortion technique in an attempt to add even more pressure to the victim’s need to pay the ransom.”

“In addition to data encryption within the organization, information exfiltration, and the threat of your blog post on the Deep Web, there is also the threat of running Distributed Denial of Service (DDoS) attacks if the victim does not pay. the requested ransom.” explains Hugo Nunes.

On October 25, S21sec will be present at the @IDCPortugal Porto Security Roadshow Pedro Leite, COO of S21sec, will participate in the panel “How to protect and respond to data leaks?”, which will take place at 10:20 a.m. at Hotel Porto Palácio.#idcsecurity #cyber security pic.twitter.com/O02uk03hIU

— S21sec (@S21sec) October 24, 2022

Recent Articles

Related News

Leave A Reply

Please enter your comment!
Please enter your name here