The Port of Rijeka in Croatia was the victim of a cyberattack over the weekend, which led to the theft of sensitive data, including financial and accounting records, personal information, employment contracts, and a large volume of non-disclosure agreements (NDAs). The attack was claimed by a ransomware group, but the Port’s leadership has yet to pay the ransom demand. Duško Grabovac, the CEO of the Port of Rijeka, confirmed the breach to the Croatian media outlet Novi list, stating that the stolen data was carefully reviewed and that the port’s operational systems were not compromised.
Despite the severity of the attack, Grabovac reassured the public that the port’s operations have returned to normal, thanks to the effectiveness of their backup systems. These systems allowed the Port of Rijeka to recover all the stolen data, minimizing potential disruption to its services. The prompt recovery has alleviated concerns over a major operational setback, and the port has continued its day-to-day functions without significant delays.
The attack highlights the growing risks faced by critical infrastructure, including ports and shipping terminals, which are increasingly targeted by cybercriminals. As one of the key hubs on the Adriatic Sea, the Port of Rijeka plays a vital role in the transportation of goods in and out of Croatia. With a range of partners, including ICTSI, APM Terminals, and ENNA Logic, the port handles a variety of cargo types and plays a critical role in Croatia’s economic infrastructure.
Looking to the future, the Port of Rijeka is working on expanding its capabilities, with the development of the Rijeka Gateway container terminal set to open in 2025. The new terminal is expected to significantly increase the port’s capacity, with a projected annual throughput of 650,000 TEU (Twenty-foot Equivalent Units). The cyberattack, while a setback, has not deterred the port from its continued growth, and the expansion plans remain on track as it looks to strengthen its cybersecurity measures in response to the recent breach.
Reference:
