Critical Infrastructure Security
,
Geo-Specific
‘Nationally Significant Cyber Incident’ Impacts Imports and Exports
A cybersecurity incident at an operator of major Australian maritime ports caused what a government official on Saturday called a “nationally significant” outage frustrating the movement of goods in and out of the country.
See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases
The Sydney Morning Herald reports that Dubai-based DP World’s Australian subsidiary detected the incident on Friday and closed landside access to its port areas that night.
The outage affects ports in Sydney, Melbourne, Brisbane and Fremantle, said Air Marshal Darren Goldie, Australia’s recently appointed national cyber security coordinator. “The Australian government is responding to a nationally significant cyber incident impacting a number of maritime port facilities,” he tweeted.
DP World Australia handles roughly 40 percent of Australia’s international container cargo each year, amounting to more than 3 million individual containers. The incident will likely be felt “for a number of days” and affect imports and exports, Goldie said.
DP World Australia is one of three stevedores in the Melbourne, Sydney and Brisbane ports and one of two operators in Fremantle. A Fremantel spokesperson told the Sydney Morning Herald that DP World continues to unload and load ships but that trucks cannot enter the port laydown area to retrieve or deposit containers.
Home Affairs and Cybersecurity Minister Clare O’Neil said the government is providing technical assistance. It is using a method known as the National Coordination Mechanism previously deployed during emergencies including the novel coronavirus pandemic and floods to coordinate the response.
“The government is receiving regular briefings and is working with DP World to understand the impacts across the supply chain,” tweeted Catherine King, minister for infrastructure and transport.
DP World in a statement said it “took immediate action, including disconnecting the internet connectivity, which stopped any ongoing unauthorized access to their network.”
“This was necessary to contain the incident and minimize the impact on employees, customers, suppliers and other stakeholders,” it added.
An Australian Federal Police spokesperson told Information Security Media Group that it has initiated an investigation into the incident but did not disclose details, such as whether the incident is a ransomware attack. “As the matter is ongoing, it would not be appropriate to comment,” the AFP spokesperson said.
The news of the hack comes as the logistics giant faces rolling strikes by the Maritime Union of Australia, including work stoppages and bans on loading and unloading trucks.