Australia says cybersecurity incident at ports operator DP World ‘serious’
The Australian government on Sunday described as “serious and ongoing” a cybersecurity incident that forced ports operator DP World Australia to suspend operations at ports in several states since Friday.
DP World Australia, which manages nearly half of the goods that flow in and out of the country, said it was looking into possible data breaches as well as testing systems “crucial for the resumption of normal operations and regular freight movement.”
The breach halted operations at the containers terminals in Melbourne, Sydney, Brisbane, and Western Australia’s Fremantle since Friday.
“The cyber incident at DP World is serious and ongoing,” Home Affairs Minister Clare O’Neil said on social media platform X, formerly known as Twitter. The incident at DP World “is a reminder of the serious risk that cyber attacks pose to our country, and to vital infrastructure we all rely on,” O’Neil wrote.
DP World Australia said it made “significant progress in re-establishing freight operations at its ports, after a cyberattack limited access to several facilities across the country.
The company’s teams “are testing key systems crucial for the resumption of normal operations and regular freight movement, DP World Australia said in a statement Sunday. “A further update will be provided once this testing phase is complete.
The company, part of Dubai’s state-owned DP World, is one of a handful of stevedore industry players in the country.
The Australian Federal Police said they were investigating the incident, but declined to elaborate.
Late on Saturday, the National Cyber Security Coordinator Darren Goldie, appointed this year in response to several major data breaches, said the “interruption” was “likely to continue for a number of days and will impact the movement of goods into and out of the country.”
DP World Plc, one of the world’s largest port operators, detected a hack on Friday that forced it to restrict access to four of Australia’s biggest ports, a mass closure that threatened to disrupt supply chains for days. It’s the latest victim in a string of devastating, high-profile cyberattacks globally this year.
DP World Australia is working to assess whether any personal information has been impacted, and has taken “proactive steps to engage the Office of the Australian Information Commissioner.” The operator said it had been collaborating with cybersecurity experts.
“A key line of inquiry in this ongoing investigation is the nature of data access and data theft,” according to its statement. “DP World Australia appreciates this development may cause concern for some stakeholders.”
In the Asia-Pacific region, DP World says it employs more than 7,000 people and has ports and terminals in 18 locations.
This isn’t the first time hackers have targeted major ports. In July, Japan’s biggest maritime port was hit by the notorious hacking gang Lockbit, a ransomware group with Russian ties that was also behind this week’s ICBC attack. A month earlier, several Dutch ports including Amsterdam and Groningen faced distributed-denial-of-service attacks, known as DDoS.
In 2021, South Africa’s port and rail company was struck by a ransomware attack that forced it to declare force majeure at container terminals and switch to the manual processing of cargo.
