NewsBite

Advertisement

This was published 1 year ago

Major ports around Australia back in action after cyberattack

By David Swan and Sumeyya Ilanbey

Port operator DP World says it has begun resuming operations at its ports across Australia, following a cyberattack that brought its freight shipments to a halt and stoked concerns about widespread shortages ahead of Christmas.

DP World, which manages 40 per cent of Australia’s container shipments through terminals in Sydney, Melbourne, Brisbane and Fremantle, said that it expects about 4000 containers will move out of the four terminals on Monday following successful tests of key systems overnight.

DP World was forced to shut down its landside operations across the country over the weekend.

DP World was forced to shut down its landside operations across the country over the weekend.Credit: Fairfax Media

The attack had stranded an estimated 30,000 shipping containers across DP World’s yards nationally.

“The ongoing investigation and response to protect networks and systems may cause some necessary, temporary disruptions to their services in the coming days,” a DP World spokesman said.

“This is a part of an investigation process and resuming normal logistical operations at this scale.”

Experts predicted the fall-out could last weeks and ripple through the broader economy, an outcome that now appears unlikely, while supermarket giants Woolworths and Coles both expect to remain unaffected by the disruptions.

The owner of liquor giant Dan Murphy’s, Endeavour Group, said on Monday it did not expect to be affected by the shutdown as its stock for Christmas had already arrived in the country.

The spokesman said DP World would continue to work closely with the government including Cyber Security Minister Clare O’Neil and Minister for Infrastructure Catherine King, as well as the Australian Federal Police and the National Cyber Security Coordinator.

“Importantly, the resumption of port operations does not mean that this incident has concluded,” the spokesman said.

Advertisement

“DP World Australia’s investigation and ongoing remediation work are likely to continue for some time.”

Shipping containers are typically used to carry household goods, furniture, electronics and toys that are then trucked to distribution centres and onto retailers.

‘It would be a mistake for businesses to continue to think of these events as black swans. They are not.’

Thomas Dukes, a cyber security official in Barack Obama’s administration

The attack caps a torrid week for Australian critical infrastructure after Optus’ telecommunications network suffered an extended outage on Wednesday, affecting some 10 million customers.

Thomas Dukes, the former Deputy Coordinator for Cyber Issues for the Obama administration, said in an interview that cyberattacks against critical infrastructure like ports are becoming increasingly common. Dukes has recently been appointed a director of Australian law firm Biztech Lawyers.

“It would be a mistake for businesses to continue to think of these events as black swans. They are not,” he said.

“The fact that both a shipping port operator and Optus have been impacted just underscores how reliant we are on critical infrastructure. In the US, both ports and telecommunications fall under the definition of critical infrastructure when it comes to cybersecurity. I’m heartened to see in Australia that telecommunications will be treated the same way as ports, energy, hospitals and utility assets with annual sign-offs for cyber risk management programs.

“Boards critically need sophisticated legal, compliance and risk advisors to help directors and management prepare for these types of events, appropriately manage the risks and navigate the inevitable incidents.”

A source close to DP World told this masthead the incident was not a ransomware attack, and that the company had disconnected its systems from the internet to stop the attack in its tracks.

The former head of the Australian Cyber Security Centre, Alastair MacGibbon, who is advising DP World, said the top priority was to get the company’s shipping containers moving again.

“What we know is there was unauthorised activity in the system,” the chief strategy officer at CyberCX told Nine’s Today show on Monday.

“A pretty brave and smart move was taken to pull the plug, so to speak, on the internet. What that has done, it’s protected the organisation against potential future harm.”

On Sunday, O’Neil described the hack as serious and ongoing.

“This incident is a reminder of the serious risk that cyberattacks pose to our country, and to vital infrastructure we all rely on,” she said.

Meanwhile, Federal MPs have admitted they do not fully understand Australia’s cybersecurity weaknesses or how they could improve laws to ward off cyberattacks that could cripple the nation’s critical infrastructure services.

The Australian Strategic Policy Institute’s world-first study questioned MPs from the last federal parliament and found members were “not educated on the nature, nomenclature and nuances of critical technology and cybersecurity”, in a worrying sign as the country grapples with cyberattacks and deals with the rise of artificial intelligence.

Head of Australian Cyber Security Centre, Alastair MacGibbon, speaks to the media at Parliament House in Canberra. Photo: Dominic Lorrimer

Head of Australian Cyber Security Centre, Alastair MacGibbon, speaks to the media at Parliament House in Canberra. Photo: Dominic LorrimerCredit: Dominic Lorrimer

“[Parliamentarians] openly admitted to being struck by how little they know about the opportunities and threats in these domains and how quickly those evolving fields are moving beyond their understanding,” the report stated.

“As one parliamentarian put it, Australian policymakers interested in deepening their understanding of cyber and critical infrastructure ‘don’t know what they don’t know’ and rely almost completely on experts to provide digestible information and guidance.”

Twenty-four MPs, or about 10 per cent of the last parliament, were interviewed face-to-face, a sample size that ASPI said was “sufficiently representative”.

MPs told researchers, led by former federal MP Gai Brodtmann, they lacked sufficient education on quantum technology, computing, engineering, artificial intelligence, cybersecurity technology, and critical infrastructure such as energy.

ASPI cyber, technology and security director Alex Caples said this week’s cyberattack at DP World, and the data breach at Optus last year, demonstrate the importance of MPs to be better educated so they can help strengthen the country’s resistance against cyberattacks.

“You need only look at the economic impact of the Optus outage last week, and the port delays resulting from the DP World breach, to see how disruptions of critical infrastructure can have compounding and cascading effects,” Caples said.

Additional reporting: Colin Kruger

The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.

Most Viewed in Business

Loading

Original URL: https://www.watoday.com.au/link/follow-20170101-p5ejk8