Critical Infrastructure Security , Geo-Specific
Major Australian Ports Affected by Cyber Incident
'Nationally Significant Cyber Incident' Affects Imports and ExportsA cybersecurity incident at an operator of major Australian maritime ports caused what a government official on Saturday called a "nationally significant" outage frustrating the movement of goods in and out of the country.
See Also: Expert Panel | ANZ's Guide to Data Classification: The Foundation of Cybersecurity Compliance
The Sydney Morning Herald reported that Dubai-based DP World's Australian subsidiary detected the incident on Friday and closed landside access to its port areas that night.
The outage affects ports in Sydney, Melbourne, Brisbane and Fremantle, said Air Marshal Darren Goldie, Australia's recently appointed national cybersecurity coordinator. "The Australian government is responding to a nationally significant cyber incident impacting a number of maritime port facilities," he tweeted.
DP World Australia handles roughly 40% of Australia's international container cargo each year, amounting to more than 3 million individual containers. The incident will likely be felt "for a number of days" and affect imports and exports, Goldie said.
DP World Australia is one of three stevedores in the Melbourne, Sydney and Brisbane ports and one of two operators in Fremantle. A Fremantle spokesperson told The Sydney Morning Herald that DP World continues to unload and load ships but that trucks cannot enter the stevedore's laydown area to retrieve or deposit containers. The port's other operator is unaffected by the hack, the spokesperson said.
Home Affairs and Cybersecurity Minister Clare O'Neil said the government is providing technical assistance. It is using a method known as the National Coordination Mechanism, which was previously deployed during emergencies including the novel coronavirus pandemic and floods, to coordinate the response.
"The government is receiving regular briefings and is working with DP World to understand the impacts across the supply chain," tweeted Minister for Infrastructure, Transport, Regional Development and Local Government Catherine King.
DP World in a statement said it had taken "immediate action, including disconnecting the internet connectivity, which stopped any ongoing unauthorized access to their network."
"This was necessary to contain the incident and minimize the impact on employees, customers, suppliers and other stakeholders," it added.
An Australian Federal Police spokesperson told Information Security Media Group that the police have initiated an investigation into the incident but did not disclose details such as whether the incident is a ransomware attack. "As the matter is ongoing, it would not be appropriate to comment," the AFP spokesperson said.
The news of the hack comes as the logistics giant faces rolling strikes by the Maritime Union of Australia, including work stoppages and bans on loading and unloading trucks.