Australian Authorities Meet as DP World Shuts Ports on Cyber Act

Sharon Klyne and Lynn Doan, Bloomberg News

(Bloomberg) -- A cyberattack against one of the world’s largest facilitators of global trade has limited access to several ports across Australia, a mass closure that threatens to disrupt supply chains for days.

DP World Plc detected a hack on Friday that forced it to restrict access to four of the nation’s largest ports. The government convened a crisis meeting on Saturday to coordinate a response, and National Cybersecurity Coordinator Darren Goldie said agencies will continue discussions on Sunday and work with the company to resume operations.

“Our priority is to assist DP World Australia to resolve the incident, so they are in a position to restore access to the ports they operate across the country,” Goldie said in posts on X, the social-networking platform formerly known as Twitter. “This interruption is likely to continue for a number of days and will impact the movement of goods into and out of the country.”

DP World, one of the largest port operators globally, is the latest victim in a string of devastating, high-profile cyberattacks globally this year. Earlier this week, Industrial & Commercial Bank of China Ltd. — the world’s biggest lender by assets — was struck by a ransomware attack that blocked some Treasury market trades from clearing and forced brokers to reroute transactions. Ransomware hackers install malware on their victims’ systems, holding them hostage until they receive payment. It wasn’t immediately clear whether ransomware was behind DP World’s attack.

DP World is still working to contain the situation and determine the effect on its systems and data, the company said in an emailed statement Saturday. It said it was forced to cut off access to Australian port operations to safeguard employees, clients and its networks.

The disruptions in Sydney, Melbourne, Brisbane and Fremantle threaten to hobble supply chains that were already working to fully recover from the effects of the Covid-19 pandemic. The attack also comes as DP World’s operations are embroiled in an on-going strike by the Maritime Union of Australia over wages and better work conditions.

This isn’t the first time hackers have targeted major ports. In July, Japan’s biggest maritime port was hit by the notorious hacking gang Lockbit, a ransomware group with Russian ties that was also behind this week’s ICBC attack. A month earlier, several Dutch ports including Amsterdam and Groningen faced distributed-denial-of-service attacks, known as DDoS.

In 2021, South Africa’s port and rail company was struck by a ransomware attack that forced it to declare force majeure at container terminals and switch to the manual processing of cargo.

Over the weekend, DP World told the AFR that it’s working to ensure sensitive inbound freight shipments can be prioritized and retrieved.

The Australian Cyber Security Center is working with DP World and is providing technical advice and assistance, Goldie said. Meetings earlier involved the National Coordination Mechanism and the National Emergency Management Agency to “consider and address impacts arising from the cyber incident,” he said.

The National Coordination Mechanism brings together various agencies of the federal, state and territory governments in Australia with industry and private sector stakeholders to respond to crises in the country, according to its website. Formed to tackle the Covid-19 pandemic’s impact, the mechanism is now a part of the crisis management framework of Australia.

--With assistance from Anto Antony.