Recently, Japan’s largest and busiest port, Nagoya Port, has been paralyzed due to an alleged Russian cyberattack, causing cargo transportation disruptions and operational stagnation. This port is the latest high-profile port to suffer from a ransomware attack.

In recent years, hackers have posed an increasing threat to shipping networks in the Asian region. The four giants of global shipping have all been hit hard by cyberattacks.

Nagoya Port Paralyzed by Cyberattack

On Wednesday, the Nagoya Port Transportation Management Bureau reported that ransomware (used by hackers to lock access to files and systems unless a payment is made) caused a serious failure at a container terminal in Nagoya Port, Aichi Prefecture, on Tuesday morning, rendering the port unable to load and unload containers.

The agency announced that operations are expected to resume at 8:30 am local time on Thursday.

However, the Nagoya Port Transport Association stated: “Depending on the system recovery situation, the start of work may be delayed. Please understand.”

Toyota Motor Corporation, the world’s largest automaker by sales, said that the cyberattack on Nagoya Port on Tuesday would not affect the delivery of new cars but would prevent the import and export of parts at the port until the issue is resolved.

Nagoya handles approximately 200 million tons of cargo annually, the highest among all Japanese ports. Last year, the port’s container throughput reached 2.68 million TEUs.

The Nagoya Port Transport Association reported the cyberattack to the police.

The association added that if the system interruption causes a slowdown in container transportation in the yard area, the number of container ships entering Nagoya Port will decrease, and some containers unloaded before the cyberattack cannot be transferred to trailers.

This has led to long queues of trailers near the port.

The Nagoya Port Transport Association stated that although container ships docking at Nagoya mainly carry automotive parts, they also transport food, and if the power outage lasts longer than expected, land transportation may be affected.

Hackers Pose a Serious Threat to Asian Shipping Networks

As more and more Asian ports become automated and no longer rely on paper documents, hackers pose an increasing risk to the region’s shipping networks.

In recent years, cybercriminals have targeted European ports, and pro-Russian groups have claimed responsibility for an attack on one of Europe’s largest ports last month.

On Wednesday, Kyodo News reported that the Nagoya Port Authority said the Russian ransomware organization Lockbit 3.0 was responsible for the cyberattack.

Mihoko Matsubara, Chief Cybersecurity Strategist at NTT Corporation, said that ransomware attackers tend to exploit vulnerabilities in VPNs and remote desktop protocols.

She noted that such attacks account for 80% of ransomware attacks in Japan.

“It is crucial for companies to update or patch the software used for business operations,” Matsubara said.

David Suzuki, Japan Managing Director of Singapore-based cybersecurity company Blackpanda, said that recent data breaches often involve “double extortion,” demanding ransom payments to restore stolen information and prevent its disclosure.

Japanese authorities have reported an upward trend in such cyberattacks.

Last year, a Toyota supplier in Aichi Prefecture was hit by a cyberattack, forcing 14 of its factories to halt operations.

Nagoya is one of several ports worldwide that have recently been targeted by malware attacks.

Over Christmas last year, hackers infiltrated the computer systems of Lisbon Port in Portugal, causing operations to be disrupted for several days.

In February of last year, India’s largest container port complex, Jawaharlal Nehru Port Trust (JNPT), faced ship berthing disruptions due to a cyberattack.

In April this year, three Canadian ports also experienced cyberattacks.

In 2021, South African ports and railway companies became targets of ransomware attacks, which cybersecurity experts believe are linked to Eastern European and Russian organizations.

In addition to ports, major global shipping companies have also fallen victim to cyberattacks.

The Four Giants of Global Shipping Hit Hard by Cyberattacks in Recent Years

In June 2017, Maersk (MSK) was attacked by the NotPetya ransomware, resulting in data deletion and weeks of downtime, forcing the company to reinstall 4,000 servers and 45,000 computers. This caused “serious business disruptions” and losses of up to $300 million.

In July 2018, China COSCO Shipping Corporation (COSCO) was hit by a ransomware attack, causing disruptions that lasted for weeks.

In April 2020, Mediterranean Shipping Company (MSC) was attacked by an unknown malware, which paralyzed its data center for several days.

On September 28, 2020, CMA CGM was attacked by ransomware, causing its official website to be paralyzed and inaccessible, and many of its global sites to be unable to provide normal services.

Freight forwarding companies have not been spared either.

In February 2022, Seattle-based logistics and freight giant Expeditors was hitby a cyberattack, which impacted some of its online services and caused disruptions to its operations.

The Importance of Cybersecurity in the Shipping Industry

The recent Nagoya Port cyberattack highlights the importance of implementing robust cybersecurity measures in the shipping and logistics sectors. As the reliance on technology and automation increases, so does the potential for cyberattacks to cause widespread disruptions.

Companies and organizations in the shipping industry should prioritize regular software updates, adopt multi-layered security strategies, and provide employee training on cybersecurity best practices.

Collaboration between government agencies and private sectors should also be encouraged to develop and implement comprehensive cybersecurity measures that can effectively mitigate the risks posed by cyber threats.

As the shipping industry continues to evolve, it is crucial to recognize the growing importance of cybersecurity and take proactive measures to safeguard critical infrastructure and prevent future attacks.

Let's talk and find your solution