Major ports in Australia, which account for 40 percent of the country's freight trade, have reopened after being paralyzed by a cyberattack for three days, according to port operator DP World and reported first by AFP.
DP World took action by disconnecting its systems from the internet upon detecting the cyberattack on Friday. This measure was aimed at preventing further damage, but it resulted in a temporary halt to cargo operations at key ports in Sydney, Melbourne, Brisbane, and Fremantle.
A worker moves containers at the compound of ports operator DP World at Port Botany in Sydney on November 13, 2023. Major ports handling 40 percent of Australia's freight trade have resumed operations, leading operator DP World said on November 13, three days after they were crippled by a cyberattack.
"Unauthorized Activity"
DP World released a statement on Monday, announcing the resumption of operations at its ports across Australia. The company expressed satisfaction in testing essential systems overnight, allowing for the ports to reopen.
However, it cautioned that ongoing investigations and efforts to secure systems might lead to temporary disruptions in port services in the days to come.
The port operator disclosed its intention to move around 5,000 containers through the four terminals on the day operations resumed, a figure close to industry estimates for typical daily traffic. Despite the restart, DP World acknowledged that its investigation and remediation efforts were expected to be time-consuming.
Alastair MacGibbon, an advisor on DP World's response to the cyberattack, revealed that there had been "unauthorized activity in the system," suggesting that data had been accessed by an external party. However, detailed information about the nature of the stolen data was not provided, as per AFP's report.
DP World Australia affirmed its collaboration with the Australian government and cyber authorities in addressing the incident. The national cybersecurity coordinator, Darren Goldie, commended DP World's decision to disconnect from the internet, emphasizing the importance of preventing the attack from spreading further.
Goldie stated that attributing blame for the cyberattack might not happen anytime soon.
Read Also: Boeing Confirms Cyber Incident After LockBit Ransomware Gang Listing; Will It Impact Flight Safety?
Australia's Response
The Australian government responded to the cyber incident by holding emergency meetings with DP World and industry representatives over the weekend to manage the situation.
Tanya Plibersek, the environment and water minister, highlighted the government's intention to strengthen the defenses of Australian businesses against cyberattacks.
Plibersek mentioned that international criminal syndicates were utilizing ransomware to extort money from Australian businesses, and she expressed concern that the full extent of the issue was unknown due to some victims choosing to pay ransom without reporting the incidents.
Cybersecurity experts have pointed out the vulnerabilities in Australia's safeguards and the storing of sensitive customer information, making the country an attractive target for hackers, as per AFP's report.
The incident underscores the ongoing challenges in securing critical infrastructure against cyber threats. As DP World resumes operations, the focus remains on the comprehensive investigation and remediation efforts to ensure the resilience of Australia's major ports against future cyber risks.
Related Article: US Defense, Justice Department Faces Major Breach, Exposing 632,000 Employees' Email Accounts
