Port of Nagoya Underwent Extortion Attack
The port of Nagoya, Japan’s largest and most vibrant seaport, was targeted in an extortion attack involving data encryption, causing significant disruptions to container terminals.
Accounting for approximately 10% of Japan’s total trade, the port of Nagoya boasts 21 piers and 290 parking lots. It handles over two million containers and 165 million tons of cargo annually.
Notably, Toyota Motor Corporation, one of the world’s largest automakers, heavily relies on the port of Nagoya for exporting most of their cars.
Today, the administrative body of the port of Nagoya published a notification regarding the failure in the “Unified terminal system of the port of Nagoya”. This central system controls all container terminals within the port. According to the notification, the system was attacked by extortionist cyphers on July 4, 2023, at approximately 06:30 local time.
“When investigating the cause, we held a meeting with a special subcommittee of the Nagoya port transport association, which oversees the entire system, as well as the main management of the IT Prefecture Police. It was determined that the incident was caused by an infection with extortion software,” stated the notification.
The system is expected to be restored by 18:00 today. However, until then, all loading and unloading operations for containers using trailers have been suspended. Consequently, the port has incurred significant financial losses and experienced severe disruptions in the transportation of goods.
This is not the first time Nagoya has faced cyber attacks. On September 6, 2022, the port’s website was temporarily unavailable for approximately 40 minutes due to a DDoS attack, suspected to be orchestrated by the Killnet attackers group. However, the current extortion attack is expected to cause far greater damage to the port and the organizations utilizing its services for goods transportation.
As of now, the identity of the attackers behind the extortion attack on the port of Nagoya remains unknown. No cybercrime group has taken responsibility for the attack publicly.