Spain’s Port of Vigo has been hit by a ransomware attack that disrupted key digital systems, forcing authorities to disconnect parts of its network and shift to manual cargo operations. The incident, detected early Tuesday, impacted computer servers responsible for managing cargo traffic and other port services, highlighting growing cybersecurity risks within critical maritime infrastructure.
According to port officials, the attack locked certain systems and included a ransom demand, prompting an immediate response from the port authority’s technology team. To contain the threat, affected systems were isolated from external networks, preventing further spread while security teams assessed the extent of the breach.
Port president Carlos Botana confirmed that operations will not return to normal until systems are fully secured. He emphasized that reconnection will only occur once there is complete confidence that no residual threat remains, noting that there is currently no clear timeline for restoring digital services.
Despite the disruption, physical port operations – including ship movements and cargo handling – continue to function. However, the outage of digital platforms has significantly affected logistics coordination, forcing operators to rely on manual processes and paper-based documentation to maintain workflow continuity.
Authorities have launched an investigation to determine how attackers gained access to the network and whether any sensitive data was compromised. Initial assessments suggest the attack was financially motivated, aimed at extracting ransom payments, though no cybercriminal group has yet claimed responsibility.
The incident underscores a broader trend of increasing ransomware attacks targeting ports and maritime organizations, which play a critical role in global trade. Their reliance on interconnected digital systems makes them attractive targets for cybercriminals seeking to maximize disruption and financial gain.
Recent years have seen similar attacks across major ports worldwide. In 2023, Japan’s Port of Nagoya was forced to suspend operations following a ransomware attack linked to the LockBit group. Ports in Belgium, the Netherlands, Germany, Portugal, Japan, Australia, and major U.S. hubs such as Houston have also experienced cyber incidents that disrupted operations and exposed vulnerabilities in maritime logistics networks.
As cyber threats continue to evolve, the Port of Vigo attack highlights the urgent need for stronger cybersecurity measures, resilient infrastructure, and rapid response strategies to safeguard global supply chains from increasingly sophisticated ransomware campaigns.
Recommended Cyber Technology News :
- Linux Ransomware Pay2Key Targets Cloud & Servers
- NetApp and Elastio Partner to Strengthen Ransomware Recovery and Data Resilience
- Cisco Firewall 0-Day Exploited to Deploy Ransomware
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
