Shipping containers are seen at a port in Tokyo, Japan
In photo: shipping containers are seen at a port in Tokyo, Japan. Reuters

KEY POINTS

  • Resumption of operations was delayed due to inspection of the hacked system
  • The Nagoya Harbor Transportation Association said it didn't pay for LockBit's ransom demand
  • TSMC confirmed a data breach on one of its hardware suppliers

Japan's largest port in terms of cargo, the Port of Nagoya, resumed operations Thursday afternoon, two days after its system was hacked by Russian group LockBit 3.0. Operations resumed hours after the Nagoya Harbor Transportation Association regained access to its system.

The port's United Terminal System was reportedly held hostage by the Russian hacking group's ransomware attack Tuesday morning, resulting in a two-day standstill until the association regained access to the system, as per Japan Times.

While access was regained Thursday morning, an inspection of the backup data for potential viruses delayed the resumption of operations through the afternoon, the group said. Cargo trucks thronged the port as frustrated drivers waited for the port to reopen for operations.

Suzu Takahashi, a public relations official at Toyota, said the hack did not affect the shipment of new cars, but the transport of imported and exported auto parts has been temporarily halted.

The Nagoya port is crucial to Toyota's exports and imports and the system downtime resulted in the company being unable to load and unload auto parts.

"It would be terrible if something like this happened repeatedly, so we must get to the bottom of this and take defensive measures to prevent it from happening again," said Aichi Prefecture Gov. Hideaki Omura.

The association said it did not pay ransom money to the hackers, adding that Aichi police have launched an investigation into the incident.

Container ships using the Nagoya port also transport other goods besides car parts and vehicles. They also carry household appliances and some food products, the Asahi Shimbun reported.

News of the ransomware attack on Japan's largest port came about a week after Taiwanese semiconductor behemoth TSMC confirmed that one of its hardware suppliers, Kinmax Technology, suffered a data hacking breach. The chip giant confirmed the hack didn't affect its business operations, CNN reported.

Russia-linked LockBit previously listed TSMC as a victim on its dark web leak site, multiple outlets reported.

The hacker gang threatened to publish data it supposedly stole from the company and demanded a $70 million ransom. "In the case of payment refusal, also will be published points of entry into the network and passwords and logins company," LockBit wrote on its leak site, as per TechCrunch. However, LockBit did not provide any evidence of the data it claimed to have ripped from TSMC.

The chipmaker shared a copy of communication it received from Kinmax to TechCrunch wherein the hardware supplier apologized for the inconvenience "to the affected customers," suggesting that other than TSMC, there were other partners affected by the data breach.

The recent hackings related to LockBit came weeks after the U.S. Justice Department revealed it has arrested and charged a Russian national who was allegedly involved in multiple LockBit ransomware attacks targeted at American and international victims.

The Federal Bureau of Investigation (FBI) has been investigating the Russia-linked group since March 2020, according to an unsealed criminal complaint against 20-year-old Russian Magomedovich Astamirov, who was allegedly a member of LockBit since around August 2020.

Read more