Lockbit 3.0 Claims Credit for Ransomware Attack on Japanese Port

After a ransomware attack shuttered operations at container terminals at the Port of Nagoya in Japan, the Lockbit 3.0 ransomware gang claimed responsibility and demanded the port pay up.

The attack on the port, which is responsible for 10% of the country’s cargo trade and is used by companies like Toyota Motor Corporation, was attacked on July 4, 2023, forcing the suspension of all container trailer operations, according to a notice from the Nagoya Harbor port authority.

The port authority said at the time it was working tirelessly to get the Nagoya Port Unified Terminal System (NUTS) back up and restart operations quickly. While authorities did not name perpetrator in the attack, Lockbit 3.0 eventually claimed credit.

“This incident at the Port of Nagoya highlights the serious vulnerabilities that critical infrastructure faces in the digital age,” said Craig Jones, vice president of security operations at Ontinue.

“Ransomware attacks are a growing concern for both private corporations and public entities, and this case underscores the potential for significant disruption to essential services and supply chains,” said Jones. “It’s clear that such attacks not only pose security risks but also can have considerable economic impacts.”

He added that since “the Port of Nagoya is Japan’s busiest port, handling approximately one-tenth of the country’s total trade volume, the effects of this disruption are likely to be far-reaching and could possibly ripple through the global economy.”

It could also have resounding and profound effects on a supply chain already marked by unprecedented disruption. “The impact may be especially significant considering the current global supply chain issues already exacerbated by the COVID-19 pandemic,” Jones said.

The security community is well-acquainted with Lockbit 3.0, the pro-Russian cybercriminal gang that said it was behind the attack on the port. “Lockbit 3.0, also known as Lockbit Black, represents a new era of ransomware sophistication. The Cybersecurity and Infrastructure Security Agency (CISA) previously warned about its modular and evasive nature, drawing similarities with other notorious ransomware variants such as…