DP World Plc struggled to restore operations at its ports in Australia after a cyberattack forced a mass closure, prompting government crisis meetings over the weekend and leaving tens of thousands of containers stranded ahead of the year-end holiday season, according to Bloomberg.
Interruptions at four of the nation’s largest ports are expected to continue for several more days as DP World’s IT system remained disconnected from the internet since the hack on Friday, the government said Sunday. DP World Australia hasn’t received a ransom demand and doesn’t know which organization is responsible, the Australian Financial Review cited a top company official as saying.
DP World, one of the world’s largest port operators, is the latest victim in a string of devastating, high-profile cyberattacks globally this year.
As more ports automate and move away from paper documentation, hackers pose a growing problem to the region’s shipping networks. Ransomware hackers install malware on their victims’ systems, holding them hostage until they receive payment. It wasn’t immediately clear whether ransomware was behind the attack on DP World.
Australia’s ports are critical to its economy, with the nation moving 98% of its trade by sea, according to Ports Australia, a leading industry body. A lot of what Australians use on a daily basis — from computers to clothes and medicine are imported — while the country is a key agriculture, energy and mining exporter.
Police are investigating the cyberattack. DP World is combing through its servers to find out where hackers may have been, the data they may have looked at or and moved, and if they left any malicious software, the Australian Financial Review reported, citing Nicolaj Noes who oversees the Oceania business.
Noes told the paper there was a possibility that alarms raised by the firm’s monitoring software gave it time to shut down its systems before data was stolen or locked up.
The disruptions at ports in Sydney, Melbourne, Brisbane and Fremantle also comes as the company is embroiled in an on-going strike by the Maritime Union of Australia over wages and better work conditions.
DP World said early Sunday that it has made “significant progress” in re-establishing freight operations, as teams tested key systems that are crucial for the resumption of normal operations and regular movement.
The company is collaborating with other ports and terminal operators to facilitate the flow of some freight, and working closely with the government and other stakeholders “to identify and retrieve sensitive inbound freight,” it said.
This isn’t the first time hackers have targeted major ports. In July, Japan’s biggest maritime port was hit by the notorious hacking gang Lockbit, a ransomware group with Russian ties that was also behind this week’s ICBC attack. A month earlier, several Dutch ports including Amsterdam and Groningen faced distributed-denial-of-service attacks, known as DDoS.
In 2021, South Africa’s port and rail company was struck by a ransomware attack that forced it to declare force majeure at container terminals and switch to the manual processing of cargo.