Advertisement

Portuguese media empire struck in the latest cyberattack on news outlets

The Impresa Group joins the Jerusalem Post and the largest news organization in Norway among the recent victims.
Portgual media, newspapers
A woman leaves a kiosk displaying Portuguese newspapers in Lisbon on November 11, 2015. (PATRICIA DE MELO MOREIRA/AFP via Getty Images)

The websites of the top newspaper and TV station in Portugal remained down Tuesday after a cyberattack that began over the weekend, following in a string of recent attacks on media organizations.

Impresa Group said its Expresso newspaper and SIC TV stations were the victim of a computer attack. A ransomware group suspected as the culprit, known as Lapsus$, initially defaced the websites with a ransom demand.

The outfit also sent tweets from Expresso’s Twitter account to declare itself the president of Portugal, and sent text messages to the news organizations’ customers hyping its success in an apparent bid to pressure its victims into paying.

“For safety reasons, we ask that you do not access or forward any of the various communications that are being sent on behalf of the Impresa group brands,” the company said in a Facebook post on Monday. “We continue to take necessary actions and measures to resolve the situation as soon as possible.”

Advertisement

It’s one of a number incidents afflicting media organizations in the past couple weeks, although none of the attacks seem connected. The Jerusalem Post was hacked and defaced on Monday. The largest news organization in Norway got hit last week.

It’s also among several more publicly-reported suspected ransomware attacks on media entities over the past several months. “Most ransomware attacks are not targeted, so it is likely there are security deficiencies shared by other media orgs,” tweeted Allan Liska, director of threat intelligence at the Record Future cybersecurity firm.

The Lapsus$ Group apparently struck Brazil’s health ministry in December, and may have the same month been connected to a hack of the Federal Police there.

Tim Starks

Written by Tim Starks

Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he's covered cybersecurity since 2003.

Latest Podcasts