Japan’s largest port stops operations after ransomware attack


The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals.

The port accounts for roughly 10% of Japan’s total trade volume. It operates 21 piers and 290 berths. It handles over two million containers and cargo tonnage of 165 million every year.

The port is also used by the The Toyota Motor Corporation, one of the world’s largest automakers, to export most of its cars.

Container processing halted

Today, the administrative authority of the Port of Nagoya has issued a notice about a malfunction in the “Nagoya Port Unified Terminal System” (NUTS) – the central system controlling all container terminals in the port.

According to the notice, the problem was caused by a ransomware attack that occurred on July 4, 2023, around 06:30 AM local time.

“Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters [and] it was discovered that the issue was a ransomware infection” – Nagoya Port (machine translated)

The port authority is working to restore the NUTS system by 6 PM today and plans to resume operations by 08:30 AM tomorrow.

Until then, all container loading and unloading operations at the terminals using trailers have been canceled, causing massive financial losses to the port and severe disruption to the circulation of goods to and from Japan.

The Nagoya Port Authority has dealt with cyberattacks before but it appears that this one has the largest impact. On September 6, 2022, the website of the port was unreachable for about 40 minutes due to a massive distributed denial-of-service attack (DDoS) launched by the pro-Russian group Killnet.

At the time of publishing the threat actor behind the ransomware attack on the Port of Nagoya remains unknown as no threat actor has claimed the intrusion publicly, yet.



Source link