Toyota shipping hub paralyzed in LockBit attack

Russia-linked ransom gang LockBit has attacked the Port of Nagoya, Japan’s busiest cargo port and a gateway for car manufacturer Toyota.

The operations of Japan’s largest cargo port have resumed after a more than two-day disruption by a ransomware attack on its computer systems.

The system failed at around 6:30 a.m. on Tuesday (July 4th) when an employee could not start a computer and was fixed at about 7:30 a.m. on Thursday (July 6th), according to the Nagoya Harbor Transportation Association.

The association said the Russia-based LockBit gang had demanded ransom in exchange for the system recovery. Port authorities said they had not been in contact with LockBit and had not heeded ransom demands.

Container movements at the port partially restarted on Thursday afternoon, according to Kyodo News. Port authorities initially planned to resume operations in the morning, but repair works on the infected computer system took longer than expected, it reported.

The Port of Nagoya is a shipping hub for companies based in the surrounding Aichi region, including Toyota, which said it could not load or unload parts due to the glitch.

However, the automaker said that the loading and unloading of complete vehicles were not affected because it is managed using a different computer system, according to Kyodo News.

The Aichi prefectural police are investigating the cyberattack.

The LockBit ransomware gang has been operating since at least 2019 and is notorious for using malware of the same name. The gang has grown to become one of the most prolific ransomware syndicates in the world, boasting more than 1,800 victims.

It primarily employs the Ransomware-as-a-Service model (RaaS), keeping a portion of the ransom profits paid to the affiliates who carry out the attacks.