Jul 5 – On Tuesday, Japan’s largest maritime port was hit by a cyber attack, resulting in shipment delays and disrupted regional business operations.

Specifically, the ransomware created a temporary outage of a Port of Nagoya container terminal. According to authorities, operations are expected to resume on Thursday at 8:30 a.m. local time.

As an increasing number of ports automate and move away from paper documentation, hackers pose a growing threat to the region’s shipping networks. Cyber adversaries have targeted a handful of European ports in recent years.

Lockbit 3.0

The Nagoya port authority mentioned that Russia-based ransomware group, Lockbit 3.0 was responsible for the incident. In general, ransomware attackers commonly target vulnerabilities in VPNs and remote desktop protocols, said Mihoko Matsubara, NTT Corp.’s chief cyber security strategist. She noted that these kinds of breaches account for 80% of all Japan-focused ransomware attacks.

Recent ransomware-based breaches have also involved “double extortion,” where ransom is demanded for the recovery of stolen information and/or for refraining from public disclosure of the information.

Toyota Motor Corp.

Toyota Motor Corp., the world’s largest car manufacturer by units sold, stated that the attack in Nagoya won’t yet affect the shipment of new cars. However, imported and exported parts cannot be loaded or unloaded at the port until the cyber issue is resolved.

For more insights into this story, please visit Bloomberg. Also, be sure to check out The CISOs Guide to Ransomware. To receive more timely cyber security news, insights into emerging trends and cutting-edge analyses, please sign up for the cybertalk.org newsletter.