The Port of Nagoya, the largest and busiest port in Japan, was targeted this week in a ransomware attack. The incident impacted the operation of container terminals, with the port authority only recovering operations on July 6, 2023. The port is run by the Nagoya Harbor Transportation Authority.
According to the port authority: “Upon investigating the cause, we held a meeting with the Nagoya Port Operation Association Terminal Committee, who operates the system, and the Aichi Prefectural Police Headquarters [and] it was discovered that the issue was a ransomware infection.”
Bloomberg reports that the cyberattack caused the container terminal at the port in Aichi Prefecture to suspend all operations on July 4th.
Looking into this major scale incident for Digital Journal is Nick Tausek, Lead Security Automation Architect at Swimlane.
Tausek assesses the scale of the attack and how quickly it happened, pinpointing an associated vulnerability: “This ransomware attack on the Port of Nagoya in Japan demonstrates just how easily cyberattacks can impact the global supply chain and lead to significant financial losses.”
As more Asian ports automate and move away from paper documentation, hackers pose a growing problem to the region’s shipping networks.
With the specifics of the incident, Tausek finds: “In this case, the port has completely halted operations that control 10 percent of Japan’s total trade volume and is leveraged by major Japanese organizations.”
There are measures that the Port could have taken to resists the attacks, with Tausek sees as: “To prevent ransomware attacks such as the one on the Port of Nagoya from further disrupting the supply chain and halting crucial shipping processes, organizations must ensure cybersecurity best practices remain top-of-mind.”
Similar incidents have occurred at other ports worldwide, including the Port of Lisbon in Portugal, and major ports in Canada during 2023.
Drawing out the lesson more widely, Tausek offers advice for other companies that might end up in a similar situation, recommending: “Security automation tools, especially those that leverage low-code principles, can accelerate security teams’ capabilities to keep pace with the evolving threat landscape, especially as threat actors continue to adopt their own automation techniques to target critical infrastructure.”
Tausek also advise that: “Using these tools lessens the burden on security operations so they can focus on critical alerts, ultimately keeping crucial businesses and their correlating operations up and running without disruption.”
