Portugal Faces New Cybersecurity Threats: What Residents Must Know About Hybrid Attacks and New Safety Rules

Portugal's Council of State Warns of Hybrid Threats and Critical Vulnerabilities

On April 17, Portugal's Council of State delivered a comprehensive security assessment revealing significant vulnerabilities to hybrid threats—combining cyber-espionage, sabotage, disinformation, and infrastructure attacks. The gathering at Belém Palace in Lisbon brought together former presidents, government ministers, regional governors, and newly appointed advisors to address escalating risks facing the nation.

The council emphasized the need for "reinforced national preparation" against threats ranging from state-sponsored cyberattacks to severe weather events. According to the Centro Nacional de Cibersegurança (CNCS), Portugal faces a 36% surge in Distributed Denial of Service (DDoS) attacks primarily targeting public administration and essential service operators. The advisory also highlighted concerns about ransomware campaigns and the use of generative artificial intelligence to automate cyberattacks.

Critical Infrastructure and Submarine Cable Vulnerability

Critical infrastructure protection now ranks as a top national priority. Portugal's strategic position as a submarine cable hub connecting continents has made the country a target for foreign adversaries. Russian naval vessels have been detected conducting reconnaissance missions in Portuguese waters, raising alarms about potential physical sabotage of undersea cables carrying the vast majority of transatlantic internet traffic.

The New Cybersecurity Legal Framework, which took effect April 3, dramatically expands the scope of regulated entities. Medium and large enterprises, digital service providers, and organizations across 18 critical sectors—including energy, health, transportation, and telecommunications—now face stringent risk management obligations under the NIS2 directive. Companies must implement robust supply chain security protocols and rapidly report incidents to the CNCS, with substantial fines for non-compliance.

Severe Weather Preparedness and Defense Spending

The council also prioritized civil protection readiness, citing vulnerabilities exposed during recent severe weather events. Portugal continues to strengthen its defense posture, meeting NATO's 2% GDP target in 2025—four years ahead of schedule.

The Portugal Revenue Department and other government agencies have been explicitly tasked with improving coordination mechanisms to ensure seamless prevention, response, and recovery capabilities across all entities responsible for national security.

What This Means for Portuguese Residents

For people living in Portugal, these security assessments translate into immediate regulatory and operational changes. The expanded cybersecurity framework affects thousands of businesses nationwide, requiring new compliance protocols and incident reporting procedures. Residents should expect continued emphasis on civil protection readiness and awareness campaigns regarding cyber threats and disinformation risks.

The National Climate Change Adaptation Strategy (ENAAC 2020) remains in effect until December 31, 2025, with ENAAC 2030 under public consultation to address evolving climate risks alongside cybersecurity threats.

Council Composition and Strategic Direction

President António José Seguro, who took office March 9, convened this inaugural Council of State session to prioritize security and defense matters. The newly sworn members include former ministers Alberto Martins and Nuno Severiano Teixeira, Catholic University rector Isabel Capeloa Gil, and scientist Maria Carmo Fonseca. Parliamentary appointees included former Lisbon Mayor Carlos Moedas, Porto Mayor Pedro Duarte, Chega party leader André Ventura, and Socialist Party president Carlos César.

In a statement released by the Presidency of the Republic, President Seguro praised the council's contributions, emphasizing the importance of "guaranteeing stability, security, and citizen confidence." The council's assessment reflects Portugal's recognition that modern security threats operate across digital and physical domains, requiring coordinated institutional response.

The meeting represents a significant moment of institutional alignment on Portugal's security posture. Whether the identified risks translate into concrete policy action—adequate cybersecurity funding, improved inter-agency coordination, and meaningful international engagement—will be critical for protecting residents, the economy, and democratic institutions from hybrid threats now defining 21st-century security.