Join our crew and become one of the 106,887 members that receive our newsletter.

Australia Cyberattack Leaves 30,000 Containers Stuck at Ports

Container loading in a Cargo freight ship with industrial crane. Container ship in import and export business logistic company. Industry and Transportation concept.

Australia Cyberattack Leaves 30,000 Containers Stuck at Ports

Total Views: 1679
November 13, 2023

(Bloomberg) —

DP World Plc is struggling to work through a backlog of 30,000 shipping containers piled up at ports across Australia as the company resumes operations after a cyberattack.

Friday’s hack on DP World, one of the world’s largest port operators, triggered a company shutdown at the eastern ports of Melbourne, Sydney and Brisbane and at Fremantle in the west. While operations partially resumed on Monday, the investigation into the attack as well as measures to protect the network could disrupt services for days, DP World said in a statement.

The company expects to shift 5,000 containers out of the four ports on Monday, less than a quarter of the typical daily volume nationwide, a spokesman said. With local strikes also hitting DP World in coming days, it may be next week before normal activity resumes in Australia, the spokesman said.Play Video

DP World manages almost 40% of goods flowing in and out of Australia, exposing the country to widespread economic and commercial fallout from an attack on a single entity. The maritime trade giant is the latest victim in a string of high-profile cyberattacks this year. Industrial & Commercial Bank of China Ltd. — the world’s biggest lender by assets — was recently struck by a ransomware attack that blocked some Treasury market trades from clearing.

As more ports automate and move away from paper documentation, hackers pose a growing threat to the region’s shipping networks. Ransomware hackers install malware on victims’ systems, holding them hostage until they receive payment.

With DP World struggling to get back on its feet, Australian Home Affairs and Cyber Security Minister Clare O’Neil said the government plans to force businesses to report any ransom incident, demand or payment. Authorities will also provide a guidebook to help companies prepare and deal with ransom demands, she said. 

DP World hasn’t received a ransom demand connected to the latest attack and doesn’t know which organization is responsible, the Australian Financial Review cited a top company official as saying.

In an update to importers and exporters earlier on Monday, the Freight & Trade Alliance industry body said there was still disruption at DP World’s Australian ports. According to the update, DP World was restricting exports at Melbourne. It also warned of “unforeseen service impacts” in Sydney and changes or limits to truck access at Fremantle.

“DP World Australia’s investigation and ongoing remediation work are likely to continue for some time,” the company said in its statement.

This isn’t the first time hackers have targeted major ports. In July, Japan’s biggest maritime port was hit by the notorious hacking gang Lockbit, a ransomware group with Russian ties that was also behind this week’s ICBC attack. A month earlier, several Dutch ports including Amsterdam and Groningen faced distributed-denial-of-service attacks, known as DDoS. 

In 2021, South Africa’s port and rail company was struck by a ransomware attack that forced it to declare force majeure at container terminals and switch to the manual processing of cargo. 

Australia’s ports are critical to its economy, with the nation moving 98% of its trade by sea, according to Ports Australia, a leading industry body. A lot of what Australians use on a daily basis — from computers to clothes and medicine are imported — while the country is a key agriculture, energy and mining exporter.

Police are investigating the cyberattack. DP World is combing through its servers to find out where hackers may have been, the data they may have looked at or and moved, and if they left any malicious software, the AFR reported, citing Nicolaj Noes, who oversees the Oceania business.

Noes told the paper there was a possibility that alarms raised by the firm’s monitoring software gave it time to shut down its systems before data was stolen or locked up. 

(Updates with backlog in the first paragraph and normal service levels in the third.)

© 2023 Bloomberg L.P.

Unlock Exclusive Insights Today!

Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.

Sign Up
Back to Main
polygon icon polygon icon

Why Join the gCaptain Club?

Access exclusive insights, engage in vibrant discussions, and gain perspectives from our CEO.

Sign Up


Maritime and offshore news trusted by our 106,887 members delivered daily straight to your inbox.

gCaptain’s full coverage of the maritime shipping industry, including containerships, tankers, dry bulk, LNG, breakbulk and more.