A busy port scene with various cargo boats of different sizes, filling the harbor with activity.

Nagoya Japan’s Busiest Port, Hit By Ransomware Attack

Nagoya, the most popular port in Japan, has lately been the target of a ransomware attack. The container terminals at the port were unable to work for more than 48 hours due to this cyberattack.

Nagoya Port plays a key role in Japan’s economy, as evidenced by the fact that 10% of all trade in the country passes through it. The port effectively manages more than two million cargos yearly with its 290 berths and 21 piers, which are always busy. Furthermore, the port’s extraordinary capability becomes clear by the 165 million tonnes of cargo that are effortlessly handled annually.

The ransomware attack is likely to have been executed out by the Russia-based cybercriminal group LockBit. This cyberattack is estimated to have compromised around 15,000 containers and businesses tied to them. Toyota Motor Corp., a corporation with a significant industrial presence in the area, is among those hit.

According to Japan’s basic cybersecurity law report, 14 industries have been listed as critical infrastructure that must be better protected against cyberattacks. Examples of these industries include airports, power, healthcare, and administrative services.

Seaports, on the other hand, are clearly missing from this list. This oversight extends to the legislation sent in May 2022 to strengthen Japan’s economic security, in which seaports were once again omitted.

Ransomware Attack on The Nagoya Shipping Sector Interrupt Cargo Operations

Staff at the Tobishima port at Nagoya Port noticed a glitch in the automated check-in system on July 4th in the early morning hours. Gate sensors and vehicle sensors both malfunctioned, leaving drivers stuck and unable to enter the port for cargo loading and unloading.

A little over an hour into this confusion, office printers at the port started printing paper nonstop with the words “LockBit Black Ransomware” unexpectedly printed on each sheet.

The central mechanism for container operations, the Nagoya Port Unified Terminal System (NUTS), was breached by attackers. As a result of this system failure, the Port of Nagoya administration issued a notification.

Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters and it was discovered that the issue was a ransomware infection.

By 6 PM, the port authority had been working to repair the NUTS system, with plans to start up again at 8:30 the next morning. The port went through serious financial losses as the movement of products into and out of Japan was drastically delayed. Until that time, all container handling operations at the terminals that depended on trailers were suspended.

Although the Nagoya Port Authority has previously been the target of cyberattacks, this recent attack looks to have had the biggest effects. The port’s website was previously completely inaccessible for around 40 minutes on September 6, 2022, because of a distributed denial-of-service (DDoS) attack. The pro-Russian group Killnet planned the attack.

According to Chief Cabinet Secretary Hirokazu Matsuno:

It is increasingly important to improve the defence and resilience of the information systems of Japan’s infrastructure. The government should take measures against cyberattacks because all industries will be affected if transportation, a lifeline for us, is halted.

Organisations must put a high priority on cybersecurity best practises to prevent ransomware attacks like the one that hit the Port of Nagoya from compromising the supply chain and stopping essential shipping procedures.

Raising awareness and promoting a secure environment both greatly benefit from effective training. Additionally, controlling supply chain vulnerabilities can significantly reduce the risk of cyberattacks.

Phishing Tackle offers a free 14-day trial to help train your users to avoid these types of attacks and test their knowledge with simulated attacks using various attack vectors. By focusing on training your users to spot these types of attacks, rather than relying solely on technology (none of which can spot 100% of phishing emails), you can ensure that your organisation is better prepared to defend against cyber threats and minimise the impact of any successful attacks.

Recent posts