On the morning of July 4th, 2023, the Nagoya Harbor Transportation Authority in Japan had trouble accessing their central computer systems and discovered that they had been hacked by LockBit 3.0 ransomware. The ransom demand was received through an office printer that confirmed the attack and the identity of the perpetrator. As a result of the attack, the port was unable to operate for two days. This is not the first time that the Nagoya Port has been targeted by cyber criminals. In the fall of 2022, the port’s website was down for nearly an hour because of a DDoS attack by hacktivist group, KillNet. A DDoS, or Distributed Denial-of-Service Attack, is a method that overloads the victim’s system infrastructure or server with internet traffic so that users can’t access the site’s services.
LockBit 3.0, a Russia-based ransomware gang, has successfully attacked 10 new victims within the first week of July, one of them being Taiwanese company TSMC, the world’s most valuable and biggest semiconductor chip manufacturer. The Ise Bay port is Japan’s busiest and largest port and has many major companies that import and export via its terminals, including Toyota. Due to this disruption, the country’s largest car manufacturer had to halt operations for two days while the port worked to restore their systems (they resumed operations on July 6th). Just the two days of downtime caused significant impacts on Japan’s economy and supply chain as a whole.
Attacks on maritime ports are nothing new in the cybersecurity industry. There have been documented attacks on ports in Portugal, Canada, and the US, which is why it is so crucial for companies, and governments, to approach cybersecurity preparedness with the utmost seriousness.
Chief of Port & Facility Compliance and U.S. Coast Guard Captain, Andy Myers, states that “…protecting the marine transportation system from cyber threats is a shared responsibility requiring both government and industry participation.”
Cybercrime is evolving just as rapidly as technology, and the techniques of cybercriminals are becoming more sophisticated and targeted. It’s crucial for those operating within the realm of critical infrastructure to have defense and response strategies in place to help manage their risk of attack and to respond appropriately if an attack does occur.