iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Operations at Japan’s largest and busiest port have been brought to a halt after a suspected ransomware attack disrupted the system controlling the port’s container terminals.
Representatives for the Port of Nagoya issued a statement, saying there was an issue with the “Nagoya Port Unified Terminal System” or NUTS, which controls the five container terminals.
Some of the terminals have been able to continue operation manually, but according to the Japanese television network FNN, this could lead to restricted access if the issue isn’t resolved, resulting in congestion.
The issue was first detected on 4 July at 6:30am local time, when a worker was unable to start his computer. It has since been discovered that a ransomware attack may be the cause.
“Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters, [and] it was discovered that the issue was a ransomware infection,” a statement from the Nagoya Port said, translated by BleepingComputer.
According to a report by The Japan Times, the Nagoya Harbor Transportation Association has said that it received a ransom demand from the Russian-backed hacking group LockBit 3.0.
The hacking group sent the message to the port authorities through a printer onsite, saying it had planted ransomware on its system and would restore it in exchange for the ransom being paid.
Currently, the port is unable to load or unload any containers, but it said it expects that operations will return to normal today (6 July). Police have also launched an investigation into the attack.
Toyota, the largest manufacturer of cars in the world, is a key user of the port, which is an export and import hub for Toyota parts.
Toyota has said that despite being unable to load or unload parts, there is currently no disruption to its services.
“We will closely monitor any impact on production while carefully examining the parts inventory,” said Toyota.
Nagoya, which accounts for around 10 per cent of Japan’s trade volume, has suffered cyber attacks in the past, but the latest one looks to be its biggest yet.
In September last year, the Port of Nagoya website was taken offline following a distributed denial-of-service attack by the Russian-backed threat group, Killnet. The site was taken down for approximately 40 minutes before being restored.
Be the first to hear the latest developments in the cyber industry.
