Despite not being at the top of the list of enemy countries, Portugal could be attacked by Iranian hackers in retaliation for the support given to the USA at the Lajes Base.
Experts warn that Portugal could come to face computer attacks from Iranian hackers in the coming weeks, mainly due to its strategic positioning in NATO and the logistical support provided through the Lajes Base.
According to several sources linked to the area of cybersecurity heard by , Portugal does not appear among the priorities of Iran, but continues to be considered a potential target.
“There have not yet been any attacks identified against Portugal, as a reprisal for what is happening in the Middle East, but may be being prepared and may eventually intensify in the coming weeks”, explains Bruno Castro, CEO of Portuguese cybersecurity company VisionWare.
Previous attacks on digital infrastructures in Portugal largely occurred in a “vertical” manner, that is, targeted at specific sectors such as banking, retail or hospitals, in several countries at the same time. In these cases, hackers exploited existing vulnerabilities in these sectors and not a deliberate choice of Portuguese territory.
Despite the difficulty in accurately identifying the perpetrators of the attacks, there are suspicions that some groups have operated with the support of states hostile to NATOincluding Iran, Russia, China or Pakistan. According to Bruno Castro, these groups may have operated together, forming a kind of “international consortium” of cybercriminals.
The context of war in the Middle East could also transform some of these groups into “hacktivists”, who act for political or ideological motivations. The objective may be less about the theft of information and more about the disruption of critical infrastructures and the creating a climate of insecurity in Western societies.
Among the most active groups in the current digital landscape are Keymous+ and DieNet, responsible for a large part of the malicious activity observed recently. A report from Radware and Orange Cyberdefense identifies 149 claims of distributed denial of service (DDoS) attacks against 110 organizations in 16 countries since the beginning of the military offensive. More than half of the targets were government entities, mainly in the Middle East.
For Portugal, the most likely risk will not be a direct large-scale attack, but indirect impacts. Connecting technology supply chains with partners in the United States, Israel or Gulf countries can expose national strategic infrastructuresincluding operators of energy, telecommunications, ports, airports and cloud computing services.
