Australian Federal Police are investigating a cybersecurity incident that has paralyzed Australia’s second-largest port operator, which manages container terminals in Sydney, Melbourne, Brisbane, and Fremantle.
DP World Australia is responsible for 40% of Australia’s maritime freight and shuttered operations on Friday after a cybersecurity incident.
“The company, in collaboration with cybersecurity experts, has worked tirelessly, making significant progress in re-establishing landside freight operations at its ports,” DP World Australia said in a statement.
Bloomberg reported Sunday that DP World Australia has made “significant progress” after the cybersecurity incident. Still, the port operator’s main systems are down, preventing trucks from picking up or dropping off containers. However, vessels can still load and unload containers at the terminals.
On Saturday, Home Affairs Minister Clare O’Neil posted on X that the “cyber incident at DP World is serious and ongoing.”
The cyber incident at DP World is serious and ongoing.
DP World manages almost 40% of the goods flowing in and out of our country, and this incident is affecting the ports of Melbourne, Fremantle, Botany and Brisbane.
— Clare O’Neil MP (@ClareONeilMP) November 12, 2023
On Sunday, National Cyber Security Coordinator, Air Marshal Darren Goldie, said the port operator is closely working with the government to resolve a “nationally significant cyber incident.”
The Australian Government continues to work with DP World Australia to resolve a nationally significant cyber incident that has affected operations at a number of ports around the country.
— National Cyber Security Coordinator (@AUCyberSecCoord) November 12, 2023
“DP World today advised the Australian Government that the time frame for interruptions to continue is likely to be a number of days, rather than weeks,” Goldie said.
Here’s more from the official:
Today (Sunday 12 November 2023), I again convened the National Coordination Mechanism to bring together government agencies and the maritime and logistics sectors as part of the response to the incident. This followed earlier technical and Ministerial briefings with the company.
DP World’s IT system remains disconnected from the internet, significantly impacting their operations in Brisbane, Sydney, Melbourne and Fremantle. Our priority remains assisting DP World to restore their systems, which will allow cargo operations to recommence.
DP World today advised the Australian Government that the timeframe for interruptions to continue is likely to be a number of days, rather than weeks.
They also advised that despite the disruption, they are able to access sensitive freight at the ports if necessary – for example, in a medical emergency.
We are continuing to develop our understanding of the flow on impacts to Australia’s logistics system.
The National Emergency Management Agency, the Department of Infrastructure, Transport, Regional Development, Communications and the Arts and the Office of Supply Chain Resilience in the Department of Industry, Science and Resources will work with DP World to ensure that government and industry stakeholders have appropriate situational awareness necessary to support the management of any disruption to Australia’s supply chains.
While I understand there is interest in determining who may be responsible for the cyber incident, our primary focus at this time remains on resolving the incident and supporting DP World to restore their operations.
The Australian Federal Police is continuing to investigate the incident.
Ports Australia wrote in a statement that the disruption is only at DP World Australia terminals:
“Australia’s ports and other terminals remain operational. We understand the importance of accurate reporting in maintaining public confidence and preventing unnecessary concern.”
This comes days after Chinese bank ICBC was hit with a cyberattack that reportedly affected US Treasury liquidity during a 30-year auction. And a string of cyber breaches at major ports in recent years.