Timing
The July 4, 2023 06:00 (JP time) a ransomware attack impacted the central computer system, the Nagoya Port Unified Terminal System (NUTS), that operates the port’s five cargo terminals, causing widespread disruptions.
Ransomware Group
The US Cybersecurity and Infrastructure Security Agency’s (CISA) assessment of LockBit is that it’s a ransomware-as-a-service operator that works with affiliates that conduct attacks. CISA rated the outfit 2022’s most prolific ransomware operator, and as clever enough that it often changes tactics to avoid detection.
Infosec agencies from seven nations recently issued a joint advisory in which they estimated that since 2020 LockBit has cost victims in the US alone over $90 million – the result of around 1,700 attacks.
Among its victims are suppliers to Taiwanese chipmaking titan TSMC and SpaceX.
Business Impact
With 21 piers and 290 berths, the Port of Nagoya, Japan, handles an average of 165 million tons of cargo annually, representing about 10% of the country’s total trade volume.
Similar attacks on ship transportation:
The Japanese Nagoya Port ransomware incident impacted the country’s leading manufacturers like Toyota Motor Corporation, which largely depends on the facility for its export and import operations.
The Japanese port has suffered numerous cyber attacks, but this was the largest so far. In September 2022, the Japanese port suffered a Killnet distributed denial of service attack (DDoS) attack that momentarily disrupted operations for about 40 minutes.
In early 2022, India’s Jawaharlal Nehru Port also suffered a ransomware attack that impacted Jawaharlal Nehru Port Container Terminal (JNPCT).
Other shipping facilities targeted by cyber-attacks include the Port of Barcelona (2018), Port of Vancouver (2018), Port of Marseilles (2020), Shahid Rajaee Port Terminal and Hormuz Port in Iran (2020), Port of Kennewick, Washington (2020), Port of Houston, Texas (2021), and Port of London Authority (2022), among others.