Nagoya Port, Japan’s largest and busiest port, has been the target of a ransomware attack that is currently affecting the operation of container terminals.

The port accounts for about 10% of Japan’s total trade volume. It operates 21 quays and 290 berths. It handles over two million containers and 165 million freight tonnage every year.

The port is also used by Toyota Motor Corporation, one of the largest automobile manufacturers in the world, to export most of its cars.

Container processing interrupted

Today, the Nagoya Port Administrative Authority issued a notice regarding a malfunction of the Nagoya Port Unified Terminal System (NUTS) – the central system controlling all container terminals in the port.

According to the advisory, the issue was caused by a ransomware attack that occurred on July 4, 2023, around 06:30 am local time.

The Port Authority is working to restore the NUTS system by 6.00pm today and plans to resume operations by 8.30am tomorrow.

Until then, all container loading and unloading operations at the terminals using trailers have been canceled, resulting in massive financial losses for the port and serious disruptions in the movement of goods to and from Japan.

The Nagoya Port Authority has faced cyberattacks before, but it seems this one is having the biggest impact. On September 6, 2022, the port’s website remained inaccessible for approximately 40 minutes due to a distributed denial of service attack (DDoS) launched by the pro-Russian group Killnet.

At the time of publication, the threat actor behind the ransomware attack on Nagoya Port remains unknown, as no threat actor has yet publicly claimed responsibility for the intrusion.