Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Ransomware attack brings Japan’s busiest port to standstill

Operations at Japan’s largest and busiest port have been brought to a halt after a suspected ransomware attack disrupted the system controlling the port’s container terminals.

user icon Daniel Croft
Thu, 06 Jul 2023
Ransomware attack brings Japan’s busiest port to standstill
expand image

Representatives for the Port of Nagoya issued a statement, saying there was an issue with the “Nagoya Port Unified Terminal System” or NUTS, which controls the five container terminals.

Some of the terminals have been able to continue operation manually, but according to the Japanese television network FNN, this could lead to restricted access if the issue isn’t resolved, resulting in congestion.

The issue was first detected on 4 July at 6:30am local time, when a worker was unable to start his computer. It has since been discovered that a ransomware attack may be the cause.

“Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters, [and] it was discovered that the issue was a ransomware infection,” a statement from the Nagoya Port said, translated by BleepingComputer.

According to a report by The Japan Times, the Nagoya Harbor Transportation Association has said that it received a ransom demand from the Russian-backed hacking group LockBit 3.0.

The hacking group sent the message to the port authorities through a printer onsite, saying it had planted ransomware on its system and would restore it in exchange for the ransom being paid.

Currently, the port is unable to load or unload any containers, but it said it expects that operations will return to normal today (6 July). Police have also launched an investigation into the attack.

Toyota, the largest manufacturer of cars in the world, is a key user of the port, which is an export and import hub for Toyota parts.

Toyota has said that despite being unable to load or unload parts, there is currently no disruption to its services.

“We will closely monitor any impact on production while carefully examining the parts inventory,” said Toyota.

Nagoya, which accounts for around 10 per cent of Japan’s trade volume, has suffered cyber attacks in the past, but the latest one looks to be its biggest yet.

In September last year, the Port of Nagoya website was taken offline following a distributed denial-of-service attack by the Russian-backed threat group, Killnet. The site was taken down for approximately 40 minutes before being restored.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.