On Sunday, the Australian government described a “serious and ongoing” cybersecurity incident that has forced ports operator DP World Australia to suspend operations at ports in several states since Friday. The company manages nearly half of the goods that flow in and out of the country, and its closure has caused delays to freight, which could continue for days.
The company said it was working around the clock to ensure that any “sensitive inbound freight” can be prioritized and retrieved. It added that its teams are also looking into possible data breaches and testing systems “crucial for the resumption of normal operations and regular freight movement.”
Home Affairs Minister Clare O’Neil took to social media platform X (formerly Twitter) to share an update about the incident, saying it was a “serious and ongoing cyber attack” affecting major gateways nationwide. She also added that the government is coordinating its response, with the National Coordination Mechanism expected to meet shortly. The mechanism brings together agencies of federal, state, and territory governments and industry and private sector stakeholders to respond to a crisis. Australia’s National Cyber Security Coordinator, Air Marshal Darren Goldiem, has led the government’s response to the incident and will provide technical advice.
DP World has worked to make significant progress in re-establishing landside freight operations at the ports it operates in Melbourne, Sydney, Brisbane, and Fremantle. However, it still says the ports will remain closed for “several days.” The company is locked in a labor dispute with dockworkers represented by the Maritime Union of Australia over wage increases and work rule changes. The union, which has staged rolling 24-hour strikes at the ports since late October, extended its notice last week through November 20.
While DP World works to resolve the problem, Australia’s other port operators have operated normally. In a statement, Ports Australia said that the disruption to DP World’s operations was “limited to its terminals and does not affect other ports or port users.” It noted that the government is working closely with all stakeholders.
This is not the first time a port operator has fallen victim to a cyberattack. Hackers attacked Bermuda’s Department of Planning and other government services in September, making them unusable for weeks. In that incident, the hackers sought to extort money from government workers.
Meanwhile, the country’s police force has warned businesses and individuals to be extra vigilant in the face of cyber attacks. The Australian Crime Commission urges businesses to implement risk management and contingency plans and review their disaster recovery and business continuity arrangements. It also advises people to check their online banking security and look out for suspicious emails. The agency also warns banks to keep a close eye on payments and transactions in case of any unusual activity. Its tips for keeping safe online are available here. The CCC has also launched an app to help people report suspicious activity.