Attorney general aware of cyber-attacks, some serious

  • Lusa
  • 9 February 2022

The Attorney General's Office (PGR) said on Wednesday that "cyber-attacks are realities that the Cybercrime Bureau has been paying attention to in recent years" due to the gravity of some cases.

The Attorney General’s Office (PGR) said this Wednesday that “cyber-attacks are realities” to which its Cybercrime Office “has been attentive in recent years, not so much by the number of reported situations, but by the gravity of some cases.

In a response sent to Lusa after the recent cyber-attack on the communications operator Vodafone, the PGR underlined that regarding the evolution of cybercrime, its Cybercrime Office regularly releases information notes describing the complaints received, the latest of which refers to the year 2021.

“This information results from the analysis of the complaints that come directly to it. Reading the information available so far, one can see that there have been reports of ransomware that have mainly hit small and medium-sized businesses”, the PGR explained.

However, “the so-called cyber-attacks, or situations of external intrusions into systems, are not among the most frequent situations”.

“Cyber-attacks are realities that the Cybercrime Bureau has been paying attention to in recent years, not so much because of the number of situations reported, but because of the gravity of some cases,” the OPG stressed.

Meanwhile, the coordinator of the National Unit for Combating Cybercrime and Technological Crime (UNC3T) of the Judiciary Police, Carlos Cabreiro, said on Tuesday that the body is investigating a single computer crime in the cyber-attack on Vodafone, in collaboration with international entities, but also with the secret services, and considers it “premature” to link this attack to others that have occurred recently.

The official also said that all hypotheses are on the table, admitting an individual attack or a concerted group action, connected to recent cyber-attacks in Portugal or not.

The main objectives of the investigation at this time are to understand the reasons for the attack, the collection of evidence, “which in this particular case has specificities and depends on some expertise associated with the use of new technologies”, and to find out if personal data and confidential information were possibly compromised.

Vodafone said on Tuesday it had been the target of a cyber-attack on Monday and said it had no evidence that customers’ data had been accessed or compromised and was determined to restore normal services.

The cyber-attack on Vodafone Portugal affected ATMs and essential services that depend on this network, such as the National Institute of Medical Emergency (INEM) and some fire services.