Join our crew and become one of the 110,240 members that receive our newsletter.

Port of Nagoya

Photo courtesy Port of Nagoya

Japan’s Biggest Port Hit by Ransomware Cyberattack

Bloomberg
Total Views: 2759
July 5, 2023

By Nicholas Takahashi and Ann Koh (Bloomberg) —

Japan’s biggest maritime port was crippled by an alleged Russian cyberattack, disrupting cargo as operators rushed to prevent a wider delay in shipments.

Ransomware — used by hackers to lock access to files or systems unless a payment is made — caused a container terminal at the Port of Nagoya in Aichi Prefecture to suffer an outage Tuesday morning, the Nagoya Harbor Transportation Authority said Wednesday. The authority said operations are expected to resume Thursday at 8:30 a.m. local time.

As more Asian ports automate and move away from paper documentation, hackers pose a growing problem to the region’s shipping networks. Cyber criminals have been targeting European ports in recent years, with pro-Russia groups claiming responsibility for an attack on one of the continent’s biggest ports just last month

The Nagoya port authority said Russia-based ransomware group Lockbit 3.0 was responsible for the hack, Kyodo News reported Wednesday. Ransomware attackers tend to target vulnerabilities in VPNs and remote desktop protocols, said Mihoko Matsubara, NTT Corp.’s chief cybersecurity strategist. She said such breaches account for 80% of ransomware attacks in Japan.

“Its crucial for companies to update or patch software they use for their business operations,” Matsubara said.

Nagoya is one of several ports globally to be recently targeted by malware. Last Christmas, hackers broke into the computer systems at Portugal’s Port of Lisbon, holding up operations for days. Jawaharlal Nehru Port Trust, India’s busiest container port, also suffered a ransomware attack last year. In 2021, South Africa’s port and rail company was targeted with a strain of ransomware that cybersecurity experts have linked to groups in Eastern Europe and Russia.

Recent data breaches often involve “double extortion” in which a ransom is demanded for the recovery of stolen information as well as keeping it from being published, said David Suzuki, Japan managing director of Blackpanda, a Singapore-based cybersecurity firm.

Toyota Motor Corp., the world’s biggest carmaker by units sold, said the attack in Nagoya on Tuesday won’t affect the shipment of new cars yet, but imported and exported parts cannot be loaded or unloaded at the port until the problem is resolved. Currently there is no impact on production, a spokesperson said.

Authorities in Japan say such attacks are on the rise. Last year, a cyberattack on one of Toyota’s suppliers in Aichi Prefecture forced it to halt operations at 14 factories.

–With assistance from Grace Huang.

© 2023 Bloomberg L.P.

Unlock Exclusive Insights Today!

Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.

Sign Up
Back to Main
polygon icon polygon icon

Why Join the gCaptain Club?

Access exclusive insights, engage in vibrant discussions, and gain perspectives from our CEO.

Sign Up
close

JOIN OUR CREW

Maritime and offshore news trusted by our 110,240 members delivered daily straight to your inbox.