A ransomware attack was launched against Japan's biggest and busiest trading port by a cybercriminal outfit believed to be based in Russia.
Following the incident, the Port of Nagoya paused all cargo operations, including the loading and unloading of containers onto trailers. The Port of Nagoya handles some vehicle exports for businesses like Toyota and represents 10% of Japan's total trade volume.
Multiple Japanese media outlets were informed by the port authorities of Nagoya that it intended to quickly restore operations.
The attack was attributed by the Nagoya Harbour Transportation Association to the LockBit ransomware group, which is thought to be the most active ransomware gang at the moment. According to the FBI and the U.S. Cybersecurity and Infrastructure Security Agency, LockBit was the cause of one out of every six ransomware incidents in 2022. The organisation has not made a formal admission of guilt for the Nagoya attack.
The five cargo terminals in the port's computer system were impacted by the event. According to the Japanese television network FNN, which cited the port's administration, some terminals are currently running manually without the system, but if it is not repaired, ship entry into the port may be banned.
Toyota told Japanese media that the cyber attack has made it impossible to load or unload auto parts, but that car manufacturing has not been affected.
The incident was discovered early on Tuesday, according to the port authority, when a port employee couldn't start a computer. According to reports, hackers remotely delivered an English-language ransom letter to a printer, demanding payment in exchange for the system's restoration.
Series of attacks
This is not the port of Nagoya's first cyber attack; in September, a distributed denial-of-service (DDoS) attack by the Russian group Killnet temporarily took down the website of the port.
And the attack on the Port of Nagoya is only the most recent incident to have an impact on the shipping industry. A major ship software supplier was the target of a ransomware attack in January that affected around 1,000 vessels. In 2022, LockBit targeted the Port of Lisbon, and throughout the year, ports throughout Europe were the victim of several ransomware attacks.
Alejandro Mayorkas, secretary of the U.S. Department of Homeland Security, stated to Congress in November that cyber attacks pose the greatest threat to U.S. ports.