8Base Ransomware Strikes Luka Rijeka Critical Port

Incident Date: Dec 06, 2024

Attack Overview

VICTIM

Port of Rijeka

INDUSTRY

Transportation

LOCATION

Croatia

ATTACKER

8base

FIRST REPORTED

December 6, 2024

Request Removal

Ransomware Attack on Port of Rijeka: A Critical Infrastructure Breach

The Port of Rijeka, a pivotal maritime hub in Croatia, recently became the target of a ransomware attack by the notorious 8Base group. This incident underscores the vulnerabilities faced by critical infrastructure sectors, particularly those heavily reliant on digital technologies.

About the Port of Rijeka

Located in northern Croatia, the Port of Rijeka serves as a crucial gateway to Central European markets. Operated by Luka Rijeka d.d., the port is renowned for its modern infrastructure and diverse cargo handling capabilities. It features specialized terminals for container, bulk, and refrigerated cargo, making it a key player in the Adriatic Sea's logistics landscape. Luka Rijeka d.d. employs approximately 640 to 655 individuals and reported revenues of €39.7 million in 2023, reflecting its operational capacity.

Details of the Attack

The 8Base ransomware group claimed responsibility for the attack, which involved the exfiltration of sensitive data, including invoice receipts, accounting records, personal data, and employment contracts. The breach was confirmed by a senior official, who noted that the attack occurred over the preceding weekend. Despite the data theft, the port did not fulfill the ransom demand and successfully restored its systems using backups, allowing operations to resume normally.

Profile of the 8Base Ransomware Group

Emerging in March 2022, the 8Base ransomware group has quickly established itself as a formidable threat, particularly to small and medium-sized enterprises. Known for its double extortion tactics, the group not only encrypts data but also threatens to release it publicly if ransoms are not paid. 8Base primarily gains access through phishing emails and exploits vulnerabilities using tools like SmokeLoader and SystemBC. The group is distinguished by its rapid adaptation and sophisticated evasion techniques, making it a significant adversary in the cybersecurity landscape.

Vulnerabilities and Implications

The attack on the Port of Rijeka highlights the vulnerabilities inherent in critical infrastructure sectors. As a major logistics hub, the port's reliance on digital systems makes it an attractive target for cybercriminals. The incident serves as a stark reminder of the ongoing threat posed by ransomware groups and the importance of cybersecurity measures to protect sensitive data and maintain operational integrity.

Sources

https://www.ransomware.live/id/UG9ydCBvZiBSaWpla2FAOGJhc2U=

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.