Australian ports resume some operations after major cyberattack
By Michelle Toh, CNN
Hong Kong (CNN) — One of Australia’s biggest port operators has restarted some operations after a crippling cyberattack that led to a huge backup of cargo.
DP World Australia, which manages the flow of nearly 40% of the country’s goods and is owned by Dubai-based logistics giant DP World, announced Monday that the resumption came three days following a breach of its IT systems.
The port operator is the latest target in a string of brazen global cyberattacks. Its disruption came just days after a ransomware exploit affected the US unit of the powerful Industrial and Commercial Bank of China, which may have contributed to a sell-off in the stocks and bonds markets.
The ports’ reopening comes after “successful tests of key systems overnight,” DP World Australia said in a statement, adding that about 5,000 containers would move out of its four terminals across the country on Monday.
That would represent just under 17% of the company’s overall affected load, which totals some 30,000 shipping containers, according to the Australian Financial Review. CNN has reached out to DP World Australia for confirmation. The company has terminals at four ports in the cities of Sydney, Melbourne, Brisbane and Fremantle.
Even as it works to get back on track, the company says it could continue to experience hiccups. DP World Australia said in the statement that “the resumption of port operations does not mean that this incident has concluded,” and that its efforts to protect its systems could “cause some necessary, temporary disruptions” in the coming days.
The company will continue to work with authorities to investigate and resolve the issue, it said.
After discovering the breach on Friday, the company quickly made the decision to shut down its systems, according to National Cyber Security Coordinator Darren Goldie.
That meant its ports were largely unable to move goods, with cargo quickly piling up and “filling up” its facilities, Goldie said in an interview with Australian broadcaster ABC on Monday.
Goldie, who is leading the Australian government’s response to the incident, said the company had maintained the ability to retrieve certain sensitive cargo and continue moving some containers across one of its sites. But the systems behind its “operational technology, which allows the actual port to work,” had been taken offline, he noted.
As of Monday morning, the authorities did not know who was behind the attack and were focused on helping the company resume its operations, according to Goldie.
The Australian Federal Police told CNN on Monday that it was investigating the incident, while declining to comment further.
In a Sunday post on X, the social media platform formerly known as Twitter, Australian Minister for Home Affairs Clare O’Neil called the incident “a reminder of the serious risk that cyber attacks pose to our country, and to vital infrastructure we all rely on.”
The-CNN-Wire
™ & © 2023 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.