lockbit2 attacks soharportandfre...

Incident Date: Apr 14, 2022

Attack Overview

VICTIM

soharportandfre...

INDUSTRY

Transportation

LOCATION

Oman

ATTACKER

Lockbit

FIRST REPORTED

April 14, 2022

Request Removal

Ransomware Attack on SOHAR Port and Freezone

The SOHAR Port and Freezone, a pivotal transportation hub located between Dubai and Muscat, recently fell victim to a ransomware attack orchestrated by the Lockbit2 group. This incident has been officially acknowledged by the entity, which is a critical player in the transportation industry, operating as a joint venture equally owned by the Sultanate of Oman and the private sector.

As a significant nexus for global commerce, SOHAR Port and Freezone hosts leading industrial clusters in sectors such as metals, petrochemicals, and logistics. It stands among the fastest-growing port and free zone developments globally, processing over one million metric tons of sea cargo weekly. The port's commitment to digitization aims to enhance efficiency across the port and the entire supply chain.

The Lockbit2 ransomware group has taken credit for this cyber assault through their dark web leak site, leading to the blocking of the victim's website, http://www.soharportandfreezone.com/. While specific vulnerabilities that made the company an attractive target have not been detailed, the transportation sector's increasing encounters with ransomware attacks highlight a growing threat. These incidents have impacted major software suppliers for maritime and oil transport and storage entities.

Lockbit2, notorious for its focus on various industries including the maritime sector, has previously launched attacks on European ports. The group's modus operandi involves threatening to release stolen data unless their ransom demands are met.

In light of such threats, it is imperative for organizations to implement robust mitigation, detection, and response strategies. This is particularly vital as maritime entities progress towards digitalization and the adoption of autonomous systems. Ensuring the strength of recovery processes is equally crucial.

The SOHAR Port and Freezone, alongside other organizations, must elevate cybersecurity protocols to safeguard against ransomware threats, thereby mitigating operational disruptions and protecting the wider supply chain.

Sources

CISA Ransomware Guide
Ransomware attack on maritime software impacts 1,000 ships
Port of Lisbon targeted by LockBit ransomware hackers, website still down

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.