Japan’s largest port targeted by Russian hackers

Japan’s Port of Nagoya is suspected to be the latest target of LockBit 3.0, a hacker group based in Russia.

The cyber hack was noticed on Tuesday at 6:30 a.m. (JST) when an employee was unable to start the computer, according to Nagoya Port Authority.

Through the hacked system, LockBit 3.0 accessed a printer where they printed their ransom demand, money in exchange for recovering the system.

The group has installed ransomware to infect the computer system. Ransomware is malicious software designed to block access to a computer system by encrypting data until a sum of money is paid.

Without paying the ransom, the only way to reclaim access to the system is by restoring all the locked files, given their back-ups are available – which takes time.

A police investigation has been launched. It is known that the police have initiated a probe, but no other information has been made available as of yet.

The computer system is called the Nagoya Port Unified Terminal System, locally known as NUTS. NUTS is responsible for handling all trucking and gate operations. With the system down, the port’s ability to load and unload containers from the trucks bringing them in has halted.

The Nagoya Harbour Transport Association have suspended all operations related to moving containers at the port until the issue is resolved.

The association planned to restore NUTS at 6 p.m. Wednesday, but said it will resume gate operations Thursday morning. At this time, the port’s status is unclear.

As a result of the hacking, there is congestion for trucks waiting to be loaded/unloaded.

In an interview with local news outlet Kyodo News, a truck driver said, “If these many trucks resume operation all at once, it would be very crowded. It seems tough even after the system recovers.”

The Port of Nagoya, located in Japan’s prefecture of Aichi, has been Japan’s largest port since 2002 by total cargo throughput, having reached a total throughput of 177.79 million tonnes in 2021.

The port is also responsible for handling some of Toyota Motor Corporation’s exports and imports. Toyota has said that, due to the hack, they are unable to load or unload auto parts this time.

If confirmed the hack was organised by LockBit 3.0, it will have been the second major port they have targeted. On Christmas Day, 2022, the group compromised the network of the Port of Lisbon and stole financial reports, budgets, personal data of customers as well as mail correspondence of the staff. They sort to extort the port authority of $1.5 million.

Lockbit 3.0 emerged as the leading successor of the Russian Conti ransomware group, which disbanded in early 2022.

To stay up-to-date with the latest updates and other industry news and head to the Freightplus Newsroom or get in contact with the Freightplus team.