Cyber Incident Victim: Agência de Notícias de Portugal
Date:
May 2022
Location:
Portugal
Summary
The Portuguese news agency experienced a DDoS attack causing service instability, though customers reportedly faced no downtime. Attack intensity decreased over the weekend, but ongoing mitigation efforts with technology partners continued due to the unpredictable nature of such threats. The incident, part of a broader surge in cyberattacks targeting Portuguese entities, was reported to authorities, with disruptions primarily affecting internal operations and prompting apologies to affected parties.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around May 12, 2022, Lusa – Agência de Notícias de Portugal experienced a cyberattack targeting its web servers through a Distributed Denial of Service (DDoS) method. The attack began intensively during a 48-hour period prior to May 14, causing sustained instability in the news service. Lusa's administration, led by Board Chairman Joaquim Carreira, confirmed the incident in internal communications to employees, characterizing the DDoS attack as an attempt to saturate server capacity and disrupt service availability. Initial impacts included operational instability, though no total service outage was confirmed at the onset. By May 14, Carreira reported decreased attack frequency and scale over the weekend but cautioned that the erratic nature of DDoS attacks made future incidents unpredictable.
Lusa's response involved continuous monitoring and mitigation efforts coordinated with technology partners, though specific technical countermeasures were not detailed in public statements. The organization maintained that no clients experienced service unavailability despite the attack's disruptive intent. Authorities were notified of the incident, consistent with standard incident reporting protocols. Carreira acknowledged inconveniences to staff, clients, and service users but emphasized containment of operational consequences. This incident occurred amid a broader pattern of cyberattacks targeting Portuguese organizations throughout 2022, though no attribution or motive was disclosed by Lusa or its representatives.