Cyberattack keeps Australian ports offline, detaining containers

Cyberattack keeps Australian ports offline, detaining containers

Australia is assessing the logistical impact of a cyber attack which has paralyzed some of its largest ports since Friday and said the disruptions will continue for several more days, a massive shutdown that threatens to disrupt supply chains across the country and globally.

DP World Plc said on Sunday it has made “significant progress” in restoring cargo operations after an attack forced it to restrict access to four of the country’s largest ports. Still, its IT system remains disconnected from the Internet since the attack was detected on Friday, severely impacting operations, according to the government.

DP World Australia has not received a ransom demand, the Australian Financial Review reported, citing company official Nicolaj Noes, who oversees the business in Oceania. He does not know which organization is responsible for the attack or where the hackers are from, the newspaper quoted him as saying.

“While I understand that there is interest in determining who may be responsible for the cyber incident, our primary focus at this time remains on resolving the incident and supporting DP World to restore its operations” and restart cargo shipments, said the National Coordinator of Government Cybersecurity, Darren Goldie. wrote in X.”We continue to develop our understanding of the flow of impacts on Australia’s logistics system“.

DP World, one of the world’s largest port operators, is the latest victim of a series of devastating, high-profile global cyberattacks this year. Last week, Industrial & Commercial Bank of China Ltd., the world’s largest lender by assets, was hit by a ransomware attack that blocked the clearing of some trades in the Treasury market and forced brokers to divert transactions.

Ransomware hackers install malware on their victims’ systems, holding them hostage until they receive payment. It was not immediately clear whether ransomware was behind the attack on DP World, one of the world’s largest global trade facilitators.

This incident is a reminder of the serious risk that cyber attacks pose to our country, and to vital infrastructure we all rely on.

— Clare O’Neil MP (@ClareONeilMP) November 12, 2023

Disruptions at the ports of Sydney, Melbourne, Brisbane and Fremantle threatened to hamper supply chains already working to fully recover from the effects of the Covid-19 pandemic. The attack also comes as DP World’s operations are embroiled in an ongoing Australian Maritime Union strike over wages and better working conditions.

‘Serious risk’
DP World handles almost 40% of the goods entering and leaving Australia and “this incident is a reminder of the serious risk that cyber attacks pose to our country and the vital infrastructure we all depend on,” the Home Secretary said. , Clare O’Neil. she wrote in posts on X. Authorities are “working to ensure our ports and transportation networks continue to operate while DP World resolves the incident,” it said.

Around 30,000 freight containers are blocked entering and leaving DP World terminalsThe Australian Financial Review said. Ships can still load or unload containers, but trucks cannot enter terminals to pick up or drop off their shipments because the systems are offline, it said.

“DP World today informed the Australian government that the timeline for disruptions to continue is likely to be several days, rather than weeks,” Goldie said on Sunday.

Police are still investigating the cyberattack, Goldie said. DP World Australia is working to assess whether any personal information has been affected and has taken “proactive steps” to involve the Office of the Australian Information Commissioner. The operator said he had been collaborating with cybersecurity experts.

“A key line of inquiry in this ongoing investigation is the nature of the data access and theft,” the company said in a statement on Sunday. “DP World Australia appreciates that this development may cause concern to some stakeholders“.

DP World Australia said its top priority was the safe restoration of terminal operations. The company’s teams are testing key systems that are crucial for the resumption of normal operations and regular movement of cargo, it said, adding that it will provide updates once the phase is complete.

To facilitate the flow of some cargoes, the company has “activated its robust business continuity plan and is collaborating with industry partners, including other ports and terminal operators” he said. “DP World Australia is working closely with government and private sector stakeholders to identify and recover sensitive incoming cargo.”

Cyber ​​attack chain

This is not the first time hackers have attacked major ports. In July, Japan’s largest seaport was attacked by the notorious Lockbit hacker gang, a ransomware group with ties to Russia that was also behind this week’s ICBC attack. A month earlier, several Dutch ports, including Amsterdam and Groningen, faced distributed denial-of-service attacks, known as DDoS.

In 2021, the South African port and railway company was affected by a ransomware attack that forced it to declare force majeure at container terminals and move to manual processing of the load.

Leave a comment