Nagoya Port Faces Disruption After Ransomware Attack

Written by

The Nagoya Port Unified Terminal System (NUTS) in Japan suffered a significant system outage on Tuesday that was attributed to a ransomware attack.

According to a notice (in Japanese) sent to customers, the attack disrupted container operations across all terminals within the port.

In particular, container import and export operations via trailer transportation have been temporarily halted at the terminals. Shipping companies responsible for the arrival and departure of container vessels are advised to consult with the primary carrier for instructions and updates regarding loading and unloading operations.

“Once again, we wake up with the reminder that ransomware attacks have a far-reaching impact, especially when a major part of the global supply chain is targeted,” commented Joseph Carson, chief security scientist and Advisory CISO at Delinea.

“This incident is a strong reminder to all organizations to take the time to test and validate your ransomware resiliency is working and will save you when the time is needed to respond to a security incident.”

Read more on similar attacks: Ransomware Attack Against Barcelona Hospital Disrupts Operations

Upon investigation, officials from the Nagoya Port Transport Association Terminal Subcommittee and the Aichi Prefectural Police Headquarters confirmed the cyber-attack's nature. 

Recovery measures are underway, with all stakeholders dedicating their resources to expedite the process. 

In terms of attribution, some publications reported that the Nagoya Harbor Transportation Association said the LockBit ransomware gang was behind the attack. Infosecurity could not immediately verify these claims.

The restoration of the system is targeted to be completed by 6.00pm JST today (July 5), followed by a planned resumption of operations starting at 8.30am JST on July 6 (Thursday).

In light of the ongoing recovery efforts, the Nagoya Port authorities have assured that regular updates on the progress of the restoration will be provided to the public and relevant stakeholders.

“Organizations need to stay informed about the latest ransomware trends, leverage threat intelligence sources to understand the evolving tactics, techniques, and procedures (TTPs) employed by ransomware operators, and adjust security strategies accordingly,” explained Callie Guenther, cyber threat research senior manager at Critical Start.

“By adopting a multi-layered security approach, staying proactive with updates and patches, educating employees and having a well-defined incident response plan, organizations can enhance their resilience against today’s evolving ransomware threats.”

The attack comes a few months after the UK National Cyber Security Centre (NCSC) and various international security agencies issued a fresh advisory, cautioning the public about Chinese cyber operations that aim to jeopardize vital national infrastructure networks in the US.

What’s hot on Infosecurity Magazine?