DP World Australia said it made “significant progress” in re-establishing freight operations at its ports, after a cyberattack limited access to several facilities across the country.
The company’s teams “are testing key systems crucial for the resumption of normal operations and regular freight movement”, DP World Australia said in a statement Sunday. “A further update will be provided once this testing phase is complete.”
DP World Plc, one of the world’s largest port operators, detected a hack on Friday that forced it to restrict access to four of Australia’s biggest ports, a mass closure that threatened to disrupt supply chains for days. It’s the latest victim in a string of devastating, high-profile cyberattacks globally this year.
DP World Australia is working to assess whether any personal information has been impacted, and has taken “proactive steps” to engage the Office of the Australian Information Commissioner. The operator said it had been collaborating with cybersecurity experts.
“A key line of inquiry in this ongoing investigation is the nature of data access and data theft,” according to its statement. “DP World Australia appreciates this development may cause concern for some stakeholders.”
Last week, Industrial & Commercial Bank of China Ltd. — the world’s biggest lender by assets — was struck by a ransomware attack that blocked some Treasury market trades from clearing and forced brokers to reroute transactions. Ransomware hackers install malware on their victims’ systems, holding them hostage until they receive payment. It wasn’t immediately clear whether ransomware was behind the attack on DP World, one of the world’s largest facilitators of global trade.
The Australian government convened crisis meetings over the weekend to coordinate a response, with National Cybersecurity Coordinator Darren Goldie saying Saturday that agencies are working with the company to resume operations.
Home Affairs Minister Clare O’Neil said Sunday the incident was “serious and ongoing”, and that the National Coordination Mechanism would meet again in the afternoon with relevant states and territories, logistics companies, other port operators and Commonwealth agencies.
“DP World manages almost 40 per cent of the goods flowing in and out of our country, and this incident is affecting the ports of Melbourne, Fremantle, Botany and Brisbane,” O’Neil wrote in posts on X, the social media platform formerly known as Twitter. “This group is working to ensure our ports and transport networks keep working while DP World resolves the incident.”
To facilitate the flow of some freight, the company has “activated its robust business continuity plan and is collaborating with industry partners, including other ports and terminal operators,” it said. “DP World Australia is working closely with government and private sector stakeholders to identify and retrieve sensitive inbound freight.”
String of Cyberattacks
The disruptions in Sydney, Melbourne, Brisbane and Fremantle threatened to hobble supply chains that were already working to fully recover from the effects of the Covid-19 pandemic. The attack also comes as DP World’s operations are embroiled in an ongoing strike by the Maritime Union of Australia over wages and better work conditions.
This isn’t the first time hackers have targeted major ports. In July, Japan’s biggest maritime port was hit by the notorious hacking gang Lockbit, a ransomware group with Russian ties that was also behind this week’s ICBC attack. A month earlier, several Dutch ports including Amsterdam and Groningen faced distributed-denial-of-service attacks, known as DDoS.
In 2021, South Africa’s port and rail company was struck by a ransomware attack that forced it to declare force majeure at container terminals and switch to the manual processing of cargo.
The incident at DP World “is a reminder of the serious risk that cyber attacks pose to our country, and to vital infrastructure we all rely on,” O’Neil wrote on X.