A cyberattack on one of Australia’s biggest port operators last Friday (10) has resulted in the operator struggling to resume operations even three days after the incident. The attack was carried out on DP Australia, which is responsible for managing the flow of close to 40% of the country’s goods. Owned by parent company Dubai-based logistics group DP World, the company announced this Monday (13) that it will be starting some of its operations this week onwards. Australia has been experiencing a significant increase in cyberattacks against its networking systems since late last year. The extent of the issue was such that the federal government intervened to reform the regulations around cybersecurity in the country and set up a mandated agency to help coordinate state responses to attacks just earlier this year. Speaking to ABC Radio, Cyber Security Minister Clare O’Neil highlighted how the latest attack showed
“How vulnerable we have been in this country to cyber incidents and how much better we need to work together to make sure we keep our citizens safe”.
– Clare O’Neil, Australian Minister for Cyber Security
The breach of DP Australia’s IT systems is the latest in what appears to be a string of cyberattacks worldwide and follows a ransomware exploit against the Industrial and Commercial Bank of China. The cyberattack effectively crippled the company for three days, halting operations in DP Australia terminals in Melbourne, Sydney, Brisbane, and Western Australia’s Fremantle. DP World had noted that the organisation had been compromised last Friday and had promptly disconnected operations from the internet, which caused these disruptions to normal schedules. While the company hopes to mitigate the delays caused by shifting about 5,000 containers from the Australian terminals throughout the day, stakeholders can expect to exercise their patience as DP Australia concludes its ongoing investigations into the incident and reclaims the systems affected over the days to come. Although 5,000 containers sound like a lot, the number represents just under 17% of the freight traffic affected by the security breach. The total freight affected is said to amount to 30,000 containers. The authorities, however, reassure Australians affected that critical supplies will still be landed where they are necessary.
Senior Director for DP World Blake Tierney states that it is still possible for freight to be unloaded from ships at DP Australia terminals. However, they are barred from being transported from it, which is a precaution commonly taken when the full extent of a data breach is yet to be established.
According to DP Australia, the slow resumption of its operations does not necessarily signal the end of the incident itself. As mentioned, investigations are still ongoing, and the necessary interventions to reclaim the company’s IT systems are still underway. The company warns that its efforts to secure its systems will likely cause “some necessary, temporary disruptions in its services”. The process involves the company reviewing its servers to identify the areas breached by the hackers and the data that may have been exposed, removed, or tampered with, and tracing malicious software that may have been left behind. As the new week’s first workday ends, Australia’s authorities have still been unable to identify the culprits behind the attack, and according to National Cyber Security Coordinator Darren Goldie, were instead directing their efforts to help DP Australia resume their normal operations. The Australian Federal Police has also confirmed that their investigations into the incident were underway while declining to comment further on the matter.
However, the nature and the manner in which the breaching of the company’s networking systems has taken place suggests that the attack was a deliberate move with malicious intentions. The breach had occurred on the night of a Friday, when most of the staff were not on duty, thereby making the breach more likely to pass unnoticed. The target itself, as mentioned, fulfils the demands of a significant portion of Australia’s trade with the world. The implications of the attack, therefore, extend to further impacts on the country’s economy, national security, and even sovereignty.
Maritime and port services are just among the many industries affected by cybersecurity risks following the global shift away from paper-based documentation. Ransomware hackers are generally the typical culprits, looking to profit off of the organisation being held hostage via sensitive data. DP Australia, however, has yet to receive such a ransom demand. In July, Japan’s biggest maritime port was also compromised as a result of a cyberattack carried out by Lockbit—a hacking gang with ties to Russia. The same group is responsible for the attack against the Industrial and Commercial Bank of China. June saw several Dutch ports facing DDoS (distributed denial-of-service) attacks. Australia depends heavily on its ports to move trade, exporting its chief products in terms of agriculture, energy, and mining resources in order to import a major part of its necessities such as tech, clothes, medicines, and the like. The attack on its ports is a clear exploitation of this vulnerability.
Unfortunately for the clients and the people affected, cyberattacks are not the only issues affecting freight traffic through DP Australia this month. Ongoing labour disputes are also slowing down the company’s operations, causing an average delay of up to a week, with some ships reportedly idling at their ports for up to 12 days. The dispute shows little signs of reaching a satisfactory conclusion, as DP Australia continues to refuse to give in to the demands for a wage increase without the simultaneous implementation of a change in work rules that are described as being necessary to maintain and improve workplace productivity. The Maritime Union of Australia is refusing these changes while standing its ground on the need for a 27% wage increase. Carriers affected by union actions have resorted to skipping scheduled port calls to offload their cargo at different ports, while customers are forced to look for the necessary transshipping on their own.
(Theruni Liyanage)