Japan's busiest port shut down by ransomware attack

Japan’s biggest port, situated in the city of Nagoya, has suffered a ransomware attack that crippled container terminal operations, causing a major knock-on effect. 

The Port of Nagoya has published a press release detailing the “malfunction” of the Nagoya Port Unified Terminal System (NUTS). According to BleepingComputer, NUTS is the central system used to control all container terminals in the port.

“Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters [and] it was discovered that the issue was a ransomware infection,” Nagoya Port said in the press release (translated with Google Translate).

Massive losses

Not all ransomware attacks are equally destructive, and that depends mostly on the systems the threat actors manage to compromise. 

In this case, it seems, the attack was quite damaging, as all container loading and unloading operations had to be canceled. As a result, the media claim, the port will suffer “massive” financial losses, as well as “severe disruption” to the circulation of goods to and from Japan. 

The company plans on restoring operations soon.

Japan Times claims the attackers are LockBit 3.0, describing the threat actor as “pro-Russia”. While the publication states that LockBit made a ransom demand, it didn’t say exactly how much, or what the deadline is. Whether or not LockBit releases the data online remains to be seen.

The Port of Nagoya is one of the busiest ports in all of Japan. It apparently handles 10% of the total trade volume of the country, operating 21 piers and 290 berths. More than two million containers and more than 165 million tons of cargo go through the port every year. 

• Here's our rundown of the best endpoint protection software

Via: BleepingComputer