Basra Multipurpose Terminal Suffers Ransomware Attack by Midas Group

Basra Multipurpose Terminal (BMT), a prominent transportation entity in Iraq, recently fell victim to a ransomware assault orchestrated by the Midas group. This incident was disclosed on the group's clandestine web leak platform, spotlighting the vulnerability of BMT, a terminal renowned for its proficiency in managing both container and general cargo. Specializing in bespoke stevedoring services for shipping lines and consignees, BMT is celebrated as the terminal of choice for one of the globe's most substantial shipping conglomerates, boasting the highest volume of cargo imported into Iraq by a single shipping line.

The transportation sector, within which BMT operates, is increasingly becoming a focal point for ransomware perpetrators, aiming to disrupt critical infrastructure and supply chains. Despite the absence of detailed information regarding the company's scale or specific susceptibilities that might have facilitated the attack on its official website, the maritime industry's exposure to such cyber threats is well-documented, with previous incidents targeting port and terminal facilities, shipbuilders, and other maritime enterprises.

The Midas ransomware collective is notorious for its global attacks on diverse organizations, leading to significant personal data breaches. Their leak site monitoring service enumerates various entities across different sectors, including transportation, that have succumbed to ransomware exploits.

In light of this attack, BMT, alongside other stakeholders in the transportation industry, is advised to bolster their cybersecurity defenses to avert future incidents. This strategy encompasses the adoption of stringent security measures, continuous updates to software and systems, and the provision of comprehensive cybersecurity training for employees.

Sources

• Basra Multipurpose Terminal. (n.d.). About Us. Retrieved April 10, 2024, from http://www.bmtiq.com/.
• Hollingworth, D. (2023, January 30). MICT streamlines business continuity planning. Retrieved April 10, 2024, from https://www.ictsi.com/news/mict-streamlines-business-continuity-planning.
• Breakbulk. (n.d.). Basra Multipurpose Terminal in Development. Retrieved April 10, 2024, from https://breakbulk.com/Articles/basra-multipurpose-terminal-in-development.
• NORMA Cyber. (2023). Annual Threat Assessment. Retrieved April 10, 2024, from https://static1.squarespace.com/static/5fae4682cc2b52123f436f99/t/644a5cefc33989668ea68c92/1682595078532/NORMA%2BCyber_Annual%2BThreat%2BAssessment_2023_TLPWHITE.pdf.
• Ransomwatch. (n.d.). Ransomware Posts. Retrieved April 10, 2024, from https://privtools.github.io/ransomposts/.