midas attacks Basra Multipurposr Terminal

Incident Date:

April 14, 2022

World map



midas attacks Basra Multipurposr Terminal


Basra Multipurposr Terminal




Um Qasr, Iraq

Um Qasr, Iraq

First Reported

April 14, 2022

Basra Multipurpose Terminal Suffers Ransomware Attack by Midas Group

Basra Multipurpose Terminal (BMT), a prominent transportation entity in Iraq, recently fell victim to a ransomware assault orchestrated by the Midas group. This incident was disclosed on the group's clandestine web leak platform, spotlighting the vulnerability of BMT, a terminal renowned for its proficiency in managing both container and general cargo. Specializing in bespoke stevedoring services for shipping lines and consignees, BMT is celebrated as the terminal of choice for one of the globe's most substantial shipping conglomerates, boasting the highest volume of cargo imported into Iraq by a single shipping line.

The transportation sector, within which BMT operates, is increasingly becoming a focal point for ransomware perpetrators, aiming to disrupt critical infrastructure and supply chains. Despite the absence of detailed information regarding the company's scale or specific susceptibilities that might have facilitated the attack on its official website, the maritime industry's exposure to such cyber threats is well-documented, with previous incidents targeting port and terminal facilities, shipbuilders, and other maritime enterprises.

The Midas ransomware collective is notorious for its global attacks on diverse organizations, leading to significant personal data breaches. Their leak site monitoring service enumerates various entities across different sectors, including transportation, that have succumbed to ransomware exploits.

In light of this attack, BMT, alongside other stakeholders in the transportation industry, is advised to bolster their cybersecurity defenses to avert future incidents. This strategy encompasses the adoption of stringent security measures, continuous updates to software and systems, and the provision of comprehensive cybersecurity training for employees.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.