Critical Infrastructure Security , Geo-Specific

Major Australian Ports Affected by Cyber Incident

'Nationally Significant Cyber Incident' Affects Imports and Exports
Major Australian Ports Affected by Cyber Incident
Containers stacked at the Brisbane port in 2020 (Image: Shutterstock)

A cybersecurity incident at an operator of major Australian maritime ports caused what a government official on Saturday called a "nationally significant" outage frustrating the movement of goods in and out of the country.

See Also: Expert Panel | ANZ's Guide to Data Classification: The Foundation of Cybersecurity Compliance

The Sydney Morning Herald reported that Dubai-based DP World's Australian subsidiary detected the incident on Friday and closed landside access to its port areas that night.

The outage affects ports in Sydney, Melbourne, Brisbane and Fremantle, said Air Marshal Darren Goldie, Australia's recently appointed national cybersecurity coordinator. "The Australian government is responding to a nationally significant cyber incident impacting a number of maritime port facilities," he tweeted.

DP World Australia handles roughly 40% of Australia's international container cargo each year, amounting to more than 3 million individual containers. The incident will likely be felt "for a number of days" and affect imports and exports, Goldie said.

DP World Australia is one of three stevedores in the Melbourne, Sydney and Brisbane ports and one of two operators in Fremantle. A Fremantle spokesperson told The Sydney Morning Herald that DP World continues to unload and load ships but that trucks cannot enter the stevedore's laydown area to retrieve or deposit containers. The port's other operator is unaffected by the hack, the spokesperson said.

Home Affairs and Cybersecurity Minister Clare O'Neil said the government is providing technical assistance. It is using a method known as the National Coordination Mechanism, which was previously deployed during emergencies including the novel coronavirus pandemic and floods, to coordinate the response.

"The government is receiving regular briefings and is working with DP World to understand the impacts across the supply chain," tweeted Minister for Infrastructure, Transport, Regional Development and Local Government Catherine King.

DP World in a statement said it had taken "immediate action, including disconnecting the internet connectivity, which stopped any ongoing unauthorized access to their network."

"This was necessary to contain the incident and minimize the impact on employees, customers, suppliers and other stakeholders," it added.

An Australian Federal Police spokesperson told Information Security Media Group that the police have initiated an investigation into the incident but did not disclose details such as whether the incident is a ransomware attack. "As the matter is ongoing, it would not be appropriate to comment," the AFP spokesperson said.

The news of the hack comes as the logistics giant faces rolling strikes by the Maritime Union of Australia, including work stoppages and bans on loading and unloading trucks.


About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.