Japan’s largest port in the cyber crosshairs

Ransomware continues to cause massive disruption to the global economy. This week, Japan’s largest maritime port was the target of a concerted attack which has- surprise surprise- been linked to Russian forces.

The ransomware attack has disrupted cargo, causing a container terminal at the Port of Nagoya in Aichi Prefecture to suffer an outage on the morning of 5 July, the Nagoya Harbor Transportation Authority said. 

The authority said operations are expected to resume Thursday at 8:30 a.m. local time (6 July).

.The Nagoya port authority said Russia-based ransomware group Lockbit 3.0 was responsible for the hack, Kyodo News reported Wednesday. Ransomware attackers tend to target vulnerabilities in VPNs and remote desktop protocols, said Mihoko Matsubara, NTT Corp.’s chief cybersecurity strategist. She said such breaches account for 80% of ransomware attacks in Japan.

“It’s crucial for companies to update or patch software they use for their business operations,” Matsubara said.

Nagoya is one of several ports globally to be recently targeted by malware. Last Christmas, hackers broke into the computer systems at Portugal’s Port of Lisbon, holding up operations for days. Jawaharlal Nehru Port Trust, India’s busiest container port, also suffered a ransomware attack last year. 

In 2021, South Africa’s port and rail company was targeted with a strain of ransomware that cybersecurity experts have linked to groups in Eastern Europe and Russia.

Toyota Motor, the world’s biggest carmaker by units sold, said the attack in Nagoya on Tuesday won’t affect the shipment of new cars yet, but imported and exported parts cannot be loaded or unloaded at the port until the problem is resolved. Currently there is no impact on production, a spokesperson said.

Authorities in Japan say such attacks are on the rise. Last year, a cyberattack on one of Toyota’s suppliers in Aichi Prefecture forced it to halt operations at 14 factories.