The Australian Federal Police said on Sunday they were investigating a cybersecurity incident that forced ports operator DP World Australia to suspend operations at ports in several states.
“We’ve commenced an investigation into the incident and we’re not commenting further as it’s an ongoing investigation,” an Australian Federal Police spokesperson said.
The ongoing disruption has not prevented containers from being taken off vessels, but trucks needed to transport them have not been able to drive in or out of the terminals, DP World senior director Blake Tierney said in a statement.
“The company is working around the clock to restore normal operations safely,” he added.
DP World Australia, part of Dubai’s state-owned ports giant DP World, operates four container terminals in Australia in Melbourne, Sydney, Brisbane and Western Australia’s Fremantle.
Late on Saturday, Australia’s National Cyber Security Coordinator Darren Goldie, appointed this year in response to several major data breaches, said the “interruption” was “likely to continue for a number of days and will impact the movement of goods into and out of the country”.
“DP World Australia has advised it has restricted access to its Australian port operations in Sydney, Melbourne, Brisbane and Fremantle while it investigates the incident,” Goldie said on social media platform X, formerly Twitter.
The disruptions threaten to hobble supply chains that were already working to fully recover from the effects of the Covid-19 pandemic. The attack also comes as DP World’s operations are embroiled in an ongoing strike by the Maritime Union of Australia over wages and better work conditions.
Home Affairs Minister Clare O’Neil said on Saturday that the government was coordinating a response to the “cyber incident”.
According to DP World, in the Asia-Pacific region it employs more than 7,000 people and has ports and terminals in 18 locations.
DP World, one of the largest port operators globally, is the latest victim in a string of devastating, high-profile cyberattacks globally this year. Earlier this week, Industrial and Commercial Bank of China Ltd. – the world’s biggest lender by assets – was struck by a ransomware attack that blocked some Treasury market trades from clearing and forced brokers to divert transactions. Ransomware hackers install malware on their victims’ systems, holding them hostage until they receive payment.
Over the weekend, DP World told the AFR that it’s working to ensure sensitive inbound freight shipments can be prioritised and retrieved.
Reporting by Reuters, Bloomberg, Agence France-Presse