The work of the largest seaport in Japan was paralyzed by an extortionist attack

Nagoya Port, the largest and busiest seaport in Japan, has been hit by an encrypted ransomware attack that has significantly affected container terminals.

The port of Nagoya provides about 10% of Japan’s total trade. It has 21 berths and 290 moorings. The port annually handles over two million containers and 165 million tons of cargo.

Nagoya is also used by Toyota Motor Corporation, one of the largest automakers in the world, to export most of its vehicles.

Today, Nagoya Port Authority published a notice about a failure in the “Unified Terminal System of the Port of Nagoya” – the central system that manages all container terminals in the port. According to the notice, the issue was caused by a ransomware attack that occurred on July 4, 2023 around 06:30 local time.

“While investigating the cause, we held a meeting with a special subcommittee of the Nagoya Port Transportation Association, which manages the entire system, as well as the Aichi Prefectural Police Headquarters. It was found that ransomware infection was the root cause of the incident,” the notice reads.

The system is scheduled to be restored today by 18:00. Until then, all container loading and unloading operations at the terminals using trailers have been canceled, which has already caused huge financial losses to the port, as well as serious delays in the transportation of goods.

Nagoya has experienced cyberattacks before. On September 6, 2022, the port site was down for about 40 minutes due to DDoS-attack launched, as expected, by a group of intruders kill net. However, this attack, of course, will bring much more damage to both the port itself and all organizations that use its services to transport their goods.

At the time of publication, the attackers behind the ransomware attack on the port of Nagoya remain unknown. None of the active cybercriminal groups has yet publicly announced their involvement in the attack.