DP World cyber incident shuts down Australian ports
Terminals have been shut down in Australia’s biggest ports in Sydney, Melbourne, Brisbane and Fremantle after operator DP World suffered a cybersecurity incident.
A major cybersecurity incident struck the nation’s biggest ports operator, DP World, with some freight supplies frozen after it was forced to cut off internet to the operations.
The logistics giant, owned by UAE company DP World, made the decision to close its Sydney, Melbourne, Brisbane and Fremantle ports on Friday after it “detected and began responding to” a cyber incident on Friday.
Ports Australia issued a statement clarifying that the current disruption is isolated to DP World terminals.
“Australia’s ports and other terminals remain operational,” said the peak industry body.
In an update on Sunday afternoon, DP World said in collaboration with cybersecurity experts it had made significant progress in re-establishing landside freight operations at its ports.
“To facilitate the flow of some freight, the company has activated its robust business continuity plan and is collaborating with industry partners, including other ports and terminal operators,” the company said.
“DP World Australia is working closely with government and private sector stakeholders to identify and retrieve sensitive inbound freight.”
DP World said it had launched an investigation and made significant strides in addressing the cybersecurity incident.
“Currently, DP World Australia teams are testing key systems crucial for the resumption of normal operations and regular freight movement. A further update will be provided once this testing phase is complete,” it said.
DP World said a key line of inquiry in this ongoing investigation is the nature of data access and data theft.
“DP World Australia appreciates this development may cause concern for some stakeholders. DP World Australia is working hard to assess whether any personal information has been impacted and has taken proactive steps to engage the Office of the Australian Information Commissioner.”
But it stressed that the resumption of DP World Australia’s terminal operations does not signify the conclusion of the company’s efforts.
“The company is committed to continuing its investigation and remediation work to ensure the security and integrity of our customers, partners, employees, operations, and data,” the stevedoring company said.
“DP World Australia remains resolute in its commitment to restoring normal operations as quickly and safely as possible. The company is dedicated to ensuring the continuous flow of goods and services that support Australia’s economy.”
It comes as the Maritime Union has been locked in industrial action with DP World in the last few months with a recent resolution calling for the ports operator to return to good faith bargaining and abandon attacks on workers in Brisbane, Sydney, Melbourne and Fremantle.
The cyber attack comes three days after Australia’s second biggest telco operator, Optus, were hit by a major national outage that caused chaos across the country as major businesses were left offline for much of the day.
Home Affairs minister Clare O’Neil said in a statement that the government was receiving regular briefings and wais working with DP World to understand the impact of the incident.
Earlier the inter government agency, the National Co-Ordination Mechanism met to co-ordinate a response.
Ms O’Neil said government agency the Australian Cyber Security Centre was working with DP World and was providing technical advice and assistance as needed.
The Government is receiving regular briefings and is working with DP World Australia to understand the impacts of this incident and enable engagement across government. The @CyberGovAu is engaging DP World Australia and is providing technical advice and assistance as needed.
— Clare O'Neil MP (@ClareONeilMP) November 11, 2023
More broadly, Australia has been hit by a string of attacks with Optus and Medibank in the firing line.
Russian hackers accessed the health records and other personal information from almost 10 million current and former Medibank customers. After the company refused to pay a $15m ransom, it published customer claim data for sensitive conditions – including abortions, drug and alcohol abuse and mental health disorders – on the dark web.
DP World entered the Australian market in 2006 after shelling out £3.3bn for UK’s P&O’s global operations in 2006 and a $US1.15 billion deal with CSX World Terminals in 2004.
Anthony Albanese announce earlier this year plans to set up a new agency to lead Australia’s fight against mass cyber attacks by state-sponsored hackers and criminal gangs, under a seven-year strategy to strengthen defences and end blame-shifting inside government and across the private sector.
Tasked with leading whole-of-government co-ordination and triage of major cyber incidents, similar to last year’s Optus and Medibank hacks, the cyber security chief will lead policy development and harden commonwealth digital systems.
The appointment of a new co-ordinator for cyber security, who will lead the National Office for Cyber Security within the Department of Home Affairs, follows Joe Biden’s establishment of a US Office of the National Cyber Director in 2021.
More Coverage
Richlister MacDougall adds to HITIQ backing
Former rugby league star Adam MacDougall has poured a further $3m into ASX-listed microcap HITIQ.
Foxtel boosts BINGE platform with sport, news and music
Foxtel’s entertainment streaming platform BINGE is expanding, adding live sport, news, music and lifestyle content to its slate.