Ransomware Attack Cripples Indian Port Container Terminal JNCPT

December 26, 2022


Jawaharlal Nehru Port Container Terminal was hit by a suspected ransomware attack. JNPCT operations are down and they are unable to process containers. Vessels were diverted and JNPCT stopped accepting ships for loading/unloading at the port.

JNPCT is owned and operated by the port authority, while the other terminals are private. This mirrors a NotPetya attack that occurred at the Gateway Terminal India (GTI) terminal at the same port, owned by Danish AP Moller-Maersk (APM), in 2017. At the time, 17 APM terminals around the world were hit simultaneously.

Incident Date

February 21, 2022



Estimated Cost


Type of Malware

No Malware identified

Threat Source

No threat source identified