Japan’s largest port hit by ransomware cyberattack

By Nicholas Takahashi and Ann Koh (Bloomberg) –

Japan’s largest seaport has been crippled by a suspected Russian cyberattack, disrupting cargo movements as operators rush to prevent a major delay in deliveries.

Ransomware – used by hackers to lock down access to files or systems unless payment is made – caused a container terminal outage at the port of Nagoya in Aichi Prefecture on Tuesday morning, the Nagoya Harbor Transportation Authority said on Wednesday . The agency said operations are expected to resume Thursday at 8:30 a.m. local time.

As more Asian ports automate and abandon paper documentation, hackers are a growing problem for the region’s shipping networks. Cybercriminals have targeted European ports in recent years, with pro-Russian groups claiming responsibility for an attack on one of the biggest ports in the world continent takeovers just last month.

The Nagoya Port Authority said Russia-based ransomware group Lockbit 3.0 was responsible for the hack, Kyodo News reported Wednesday. Ransomware attackers typically target vulnerabilities in VPNs and remote desktop protocols, said Mihoko Matsubara, chief cybersecurity strategist at NTT Corp. She said such breaches are responsible for 80% of all ransomware attacks in Japan.

“It’s critical for businesses to update or patch the software they use to run their business,” Matsubara said.

Nagoya is one of several ports around the world that have recently been attacked by malware. Last Christmas, hackers broke into the computer systems in the Portuguese port of Lisbon and paralyzed operations for days. Jawaharlal Nehru Port Trust, India’s busiest container port, also suffered ransomware attack last year. In 2021, South Africa’s port and railway company was targeted with a strain of ransomware that cybersecurity experts have linked to groups in Eastern Europe and Russia.

Recent data breaches often involve “double ransom,” demanding a ransom to recover stolen information and prevent it from being released, said David Suzuki, Japan managing director of Blackpanda, a Singapore-based cybersecurity firm.

Toyota Motor Corp., the world’s largest automaker by units sold, said Tuesday’s attack in Nagoya has not yet affected shipments of new cars, but imported and exported parts cannot be loaded or unloaded at the port until the problem is resolved . There is currently no impact on production, a spokesman said.

The authorities in Japan speak of such attacks ascending. Last year, a cyberattack on a Toyota supplier in Aichi Prefecture forced operations at 14 factories to shut down.

–With support from Grace Huang.

© 2023 Bloomberg LP

Related Articles

Back to top button