Indian Container Terminal Diverts Ships Due to Ransomware Attack

ransomware attack on Indian container terminal — Jawaharlal Nehru Port reported handling 5.6 million TEU in 2021 at the five container terminals in the port near Mumbai (Jawaharlal Nehru Port Trust)

India’s only state-owned and operated container terminal has reportedly started turning away ships after suffering what is believed to be a ransomware attack on its computer systems. Media reports indicate that the terminal discovered the attack on February 21 and today began diverting ships to the other terminals in the complex located near Mumbai.

The Jawaharlal Nehru Port Container Terminal is one of five container terminals in India’s largest container port, Jawaharlal Nehru Port Trust, which accounts for half of all the containers handled in India. While the terminal is the smallest in the port complex, the outage comes as the government is actively pursuing the privatization of the facility. Reports indicate that a total of 12 bidders, including the large international container terminal operators, all entered bids for the privatization of the operation. The failure of its computer system highlights complaints in the industry that investments at the terminal have been lagging.

Indian media reports indicated that officials at the terminal were working feverishly all day on Monday attempting to restore their systems. However, they had warned that they would have to begin turning away ships as of Tuesday if the systems had not been restored.

Container traffic at the overall port operated by the Jawaharlal Nehru Port Trust rose by more than 25 percent in 2021 to over 5.6 million TEUs. The two largest terminals each for the first time handled more than one million TEU in the calendar year. Commissioned in 1989, the port handled approximately 55 percent of India’s container traffic in 2021.

The Jawaharlal Nehru Port Container Terminal was the first to open at the port and has more than 2,000 feet of dock space. It can handle more than one million containers annually. By some reports, the terminal is only currently handling about 500,000 TEU annually, but the government wants it to play an increasing role in the port as they grow the overall operations. The plan was to award the privatization contract by July 2022.

The four privately operated terminals in the port are reported to be operating normally and expected to handle traffic scheduled to arrive at the state-run terminal.

This is the second time in less than a year that a regional port has suffered a ransomware attack. In July 2021, Transnet which operates South Africa’s container terminal in Durban also suffered a ransomware attack that forced the port to suspend much of its operations. Transnet declared a force majeure due to the severity of the attack which also included Cape Town, Port Elizabeth, and Ngqura, and disrupted operations for nearly two weeks.