SOHAR Port and Freezone

In 2022, SOHAR Port and Freezone in Oman fell victim to a ransomware attack orchestrated by the LockBit 2.0 group, a Russian-linked cybercriminal syndicate. The attack severely disrupted port operations, crippling critical systems that underpin trade and logistics activities. As one of the Middle East’s key maritime hubs, the incident exposed the fragility of global supply chains when targeted by sophisticated ransomware. The attack led to delays in cargo handling, financial losses for businesses reliant on the port, and broader concerns over the resilience of port infrastructure against cyber threats. While the full extent of data compromise remains undisclosed, the operational halt underscored the attack’s potential to destabilize regional and international trade flows. The incident also highlighted the growing trend of state-affiliated or high-profile cybercriminal groups targeting strategic economic assets, raising alarms about the escalating risks to critical infrastructure worldwide.

Source: https://ransomwareattacks.halcyon.ai/attacks/lockbit2-attacks-soharportandfre

TPRM report: https://www.rankiteo.com/company/hutchison-ports-sohar

"id": "hut324092125",
"linkid": "hutchison-ports-sohar",
"type": "Ransomware",
"date": "4/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"

{'affected_entities': [{'industry': 'logistics/transportation',
                        'location': 'Oman',
                        'name': 'SOHAR Port and Freezone',
                        'type': 'port authority'}],
 'data_breach': {'data_encryption': True},
 'date_publicly_disclosed': '2022',
 'description': 'SOHAR Port and Freezone in Oman faced a ransomware attack '
                'from LockBit 2.0 in 2022. The Russian-linked group disrupted '
                'port operations, affecting trade activities. The incident '
                'underscored the vulnerability of port infrastructure to '
                'ransomware, which can cause major disruptions to global '
                'shipping.',
 'impact': {'operational_impact': 'disruption of trade activities and global '
                                  'shipping',
            'systems_affected': ['port operations systems']},
 'initial_access_broker': {'high_value_targets': ['port operations systems']},
 'lessons_learned': 'The incident highlighted the vulnerability of critical '
                    'port infrastructure to ransomware attacks, emphasizing '
                    'the need for robust cybersecurity measures in global '
                    'shipping and logistics sectors.',
 'motivation': 'financial (ransomware)',
 'ransomware': {'data_encryption': True, 'ransomware_strain': 'LockBit 2.0'},
 'threat_actor': 'LockBit 2.0',
 'title': 'Ransomware Attack on SOHAR Port and Freezone by LockBit 2.0',
 'type': 'ransomware'}

SOHAR Port and Freezone

VECT 2.0: New VECT 2.0 Ransomware Targets Multi-Platform Systems

Kettering Health: US Healthcare Data Breach Crisis Impacts Millions -- Security Today

Gelatissimo: Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce