Caught in the Crossfire: Ransomware Attacks Surge in Portugal and Europe
2024 has seen a historic surge in cyberattacks, intensifying threats to critical infrastructures around the globe. According to Check Point Research, Q2 2024 alone marked a staggering 30% year-over-year increase, with an average of 1,636 attacks per organisation each week. Government and military organisations worldwide have borne the brunt, facing an average of 2,084 weekly attacks—one of the highest across all sectors1.
Among the hardest-hit regions, Europe reported a 35% increase in cyberattacks2. Portugal, too, was shaken by one of the EU’s most severe ransomware incidents when cybercriminals breached the Agência para a Modernização Administrativa (AMA). This attack disrupted essential platforms like Autenticação.gov and Gov ID—services integral to Portuguese citizens and businesses for authenticating on government systems. Their temporary shutdown stalled the delivery of vital public digital services, underscoring the critical role these platforms play.
Ransomware’s Global Impact
Portugal’s AMA breach reflects a disturbing global trend: cybercriminal groups and state-sponsored entities alike are exploiting security vulnerabilities in an increasingly digital world.
According to cybersecurity firm Arctic Wolf, the origins of “modern cybercrime” can be traced back to 1962, when Allen Scherr manipulated an MIT database to steal passwords via punch card3. Since then, cybercrime has evolved and escalated, increasingly targeting government institutions and corporate giants.
The rise of ransomware, especially advanced strains like LockBit, illustrates the sophisticated reach of these attacks. LockBit has become the most prevalent ransomware variant of 2024, wreaking havoc globally by encrypting sensitive data and demanding multi-million-dollar ransoms4. These attacks can paralyze entire systems, as organisations scramble to restore critical information, often under a demand of a hefty multi-million-dollar ransom.
The repercussions of ransomware attacks, like the AMA breach, ripple across various sectors worldwide. In the U.S., the healthcare industry has been a primary target. For instance, an attack on Change Healthcare left vital IT systems offline for weeks, impacting patient care and compromising sensitive data.
When infrastructure that stores highly confidential information is compromised, the effects can cascade, disrupting other sectors reliant on that data.
Cybersecurity risks are not limited to ransomware alone; state-sponsored groups, often linked to countries like China and Russia, also pose severe threats to critical infrastructures. Recently, China’s Volt Typhoon group executed large-scale attacks on U.S. home routers, targeting essential services like energy and telecommunications.
These incidents stress how fragile our interconnected infrastructures really are and the pressing need for fortified cybersecurity defences.
When Cybersecurity Hits Close to Home
The AMA breach in Portugal demonstrates how even vital administrative infrastructures can be easily compromised within just seconds. Against the backdrop of rising ransomware attacks, this event shows how urgent the need for global investments in cybersecurity really is. Strengthening digital security measures through regular system updates, comprehensive training, and enhanced international cooperation is crucial, but it is not enough.
For me, this issue is personal. As a Brazilian-Portuguese person, who spent eight years in Portugal, I have seen how vital these digital services are in daily life, whether for citizens or residents who rely on government platforms. The attack on these systems feels deeply unsettling—it’s not just a blow to digital infrastructure; it’s an assault on a part of the country I consider my second home.
Having previously worked in the public sector, I know firsthand how security practices often fall short of what’s needed. This incident has left me concerned about the security of my own data and acutely aware of the broader risks.
This breach is a clarion call for stronger cybersecurity measures to protect not just systems, but also the people who rely on them. It serves as a painful reminder of the need for stronger cybersecurity measures to protect not only systems but also the privacy and security of the individuals who depend on them.