Cyber Incident Victim: Trust in News
Date:
Feb 2022
Location:
Portugal
Summary
A cyberattack targeted the Trust in News media group, affecting Visão magazine and other affiliated titles, though systems remained operational without critical compromise. Security protocols were promptly activated to mitigate the incident, which coincided with a broader wave of disruptive attacks in Portugal—including a severe hack on Vodafone that disabled services for millions, crippled emergency response systems, ATMs, and electronic monitoring infrastructure. Authorities acknowledged heightened concern over these incidents, noting their increasing frequency and impact on essential services. No ransom demands or clear motives were identified, aligning with a trend of cybercrime targeting digital assets rather than physical extortion.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 6 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 9, 2022, the Trust in News media group, which includes Visão magazine and other publications, experienced a cyberattack. The incident occurred on a Wednesday morning, marking another disruption in a series of cyber incidents affecting Portuguese organizations. The group’s websites remained operational during the attack, with no immediate service interruptions reported. A representative from Trust in News confirmed that initial assessments indicated no critical systems were compromised. Security protocols, including alert systems, were activated promptly to contain the breach. This incident unfolded amid ongoing fallout from a separate cyberattack on Vodafone Portugal, which had begun earlier that week and remained unresolved. The Vodafone breach had already caused severe disruptions, including service outages for approximately 4.7 million users, impaired emergency response systems (INEM, firefighters, PJ police), ATM failures, and compromised monitoring of criminals under electronic surveillance.
The Trust in News attack coincided with heightened national concern over cybersecurity, as articulated by Prime Minister António Costa. He acknowledged the government’s unease regarding multiple cyber intrusions since January 2022, including attacks on hospital networks that caused operational disruptions. Costa emphasized the need for businesses to strengthen preventive measures. Cybersecurity experts noted the unprecedented scale of the Vodafone attack, suggesting it required months of preparation and signaling a persistent threat landscape. Vodafone executives characterized their incident as a “terrorist, criminal act,” underscoring its severity. Notably, neither the Trust in News nor Vodafone attacks involved ransom demands, leaving motives unclear. Manuel Dias, a cyber risk consultant, contextualized the trend by highlighting the shift of economic value into digital assets, making them prime targets for criminal activity. The Trust in News group continued evaluating the incident while maintaining public-facing services.