Ransomware attack from Russia hits Japan’s biggest port, delaying cargo
Sign up now: Get insights on Asia's fast-moving developments
Russia-based ransomware group Lockbit 3.0 was believed to be responsible for the attack on the Nagoya Port.
PHOTO: REUTERS
Follow topic:
TOKYO – Japan’s biggest maritime port was crippled by an alleged Russian cyber attack, disrupting cargo as operators rushed to prevent a wider delay in shipments.
Ransomware – used by hackers to lock access to files or systems unless a payment is made – caused a container terminal at the Port of Nagoya in Aichi prefecture to suffer an outage on Tuesday morning, the Nagoya Harbor Transportation Authority said on Wednesday.
The authority said operations were expected to resume on Thursday at 8.30am local time.
As more Asian ports automate and move away from paper documentation, hackers pose a growing problem to the region’s shipping networks. Cyber criminals have been targeting European ports in recent years, with pro-Russia groups claiming responsibility for an attack on one of the continent’s biggest ports in June.
The Nagoya Port Authority said Russia-based ransomware group Lockbit 3.0 was responsible for the hack, Kyodo News reported on Wednesday.
Ransomware attackers tend to target vulnerabilities in VPNs and remote desktop protocols, said Ms Mihoko Matsubara, NTT’s chief cyber security strategist. She said such breaches account for 80 per cent of ransomware attacks in Japan.
“It’s crucial for companies to update or patch software they use for their business operations,” Ms Matsubara said.
Nagoya is one of several ports globally to be recently targeted by malware.
On Christmas of 2022, hackers broke into the computer systems at Portugal’s Port of Lisbon, holding up operations for days. Jawaharlal Nehru Port Trust, India’s busiest container port, also suffered a ransomware attack in 2022. In 2021, South Africa’s port and rail company was targeted with a strain of ransomware that cyber security experts have linked to groups in Eastern Europe and Russia.
Recent data breaches often involve “double extortion” in which a ransom is demanded for the recovery of stolen information, as well as keeping it from being published, said Mr David Suzuki, Japan managing director of Blackpanda, a Singapore-based cyber security firm.
Toyota Motor, the world’s biggest carmaker by units sold, said the attack in Nagoya on Tuesday would not affect the shipment of new cars yet, but imported and exported parts could not be loaded or unloaded at the port until the problem was resolved. Currently, there was no impact on production, a spokesman said.
The authorities in Japan say such attacks are on the rise. In 2022, a cyber attack on one of Toyota’s suppliers in Aichi prefecture forced it to halt operations at 14 factories. BLOOMBERG
