Risk & Conflict Report

The latest Risk & Conflict Report 2023, published by Portugal’s National Cybersecurity Center (CNCS), offers a detailed overview of the country’s cybersecurity landscape. In an increasingly digital and interconnected world, the report highlights how cyber risks have become a strategic concern, affecting not only technological systems but also social trust, economic stability, and essential services.

Primary targets
In 2023, Internet Service Providers (ISPs) were the primary targets of cybersecurity incidents, accounting for 81% of all cases reported by CERT.PT. This striking figure reflects the critical role ISPs play in Portugal’s digital infrastructure and their vulnerability to large-scale attacks. Other sectors such as Digital Infrastructure and Education, Science, and Technology also experienced a notable number of incidents, though to a lesser extent.

While the overall number of incidents remained relatively stable, the social and operational impact of attacks increased significantly. Threat actors are employing increasingly sophisticated techniques, exploiting unknown vulnerabilities and using social engineering methods to deceive users and compromise systems. Phishing, smishing, and vishing remain common attack vectors, often combined with spoofing to impersonate legitimate entities. Ransomware continues to be one of the most destructive threats, with attackers demanding cryptocurrency payments and causing severe service disruptions.

High-profile cases
Several high-profile cases marked the year, including attacks on Vodafone Portugal, Hospital Garcia de Orta, TAP Air Portugal, Sonae MC, and Laboratório Germano de Sousa. These incidents demonstrate that attackers are not only targeting tech companies but also institutions that directly impact citizens’ lives, such as healthcare providers, transportation services, and retail networks. The consequences range from service outages to the exposure of sensitive personal and medical data, raising serious concerns about privacy and security.

The report also identifies emerging trends that will shape the future of cybersecurity in Portugal. The expansion of the attack surface, driven by the proliferation of the Internet of Things (IoT), the rollout of 5G, and the growing adoption of cloud computing, presents new challenges for system protection. Geopolitical conflicts, such as the war in Ukraine, have intensified the use of cyberspace as a battleground, with espionage, sabotage, and disinformation becoming increasingly common.

Artificial Intelligence
Another key concern is the growing use of generative AI to produce false and manipulative content, making it harder to distinguish legitimate information from disinformation. This evolving threat landscape calls for a coordinated and multidisciplinary response, involving not only technical experts but also communicators, policymakers, and educators.

Strategic measures 
To address these challenges, CNCS recommends a set of strategic measures aimed at strengthening national resilience:

• Enhancing incident response capabilities, with well-trained technical teams and clear crisis management protocols.
• Investing in professional training, ensuring cybersecurity skills are up to date across sectors.
• Promoting digital literacy among the general public, through awareness campaigns and education.
• Strengthening cooperation between public, private, and international entities, to foster information sharing and coordinated action.

In conclusion, the Risk & Conflict Report 2023 sends a clear message: cybersecurity is no longer just a technical issue—it is a national strategic priority. Protecting cyberspace requires an integrated approach that combines technology, education, legislation, and collaboration. In a digital world, security is the foundation of trust—and without trust, there can be no progress.

Read the full report (in Portuguese) here.