Cyber Attack on Australia's Largest Port Operator
DP World, short for Dubai Port World, is a well-known multinational logistics company based in Dubai, United Arab Emirates. DP World is a key player in providing global smart end-to-end supply chain and logistics solutions that operate globally, servicing over 1700 ships, 1.5 million trucks, 3 million containers, and 3100 trains annually. DP World, based in Australia, is the largest port operator for the nation, responsible for 40% of the country's maritime freight. However, recent events that have transpired at DP World have put the company in peril…
DP World Australia experienced a cyber attack on the 10th of November resulting in the shutdown of all their services located in Sydney, Melbourne, Fremantle, and Brisbane resulting in the delay of over 30,000 shipping containers stacked up and left at Australian depots. Despite this setback, DP World is gradually restarting operations across Australia after the cyber attack, although operations resumed on November 13, DP World Australia took seven days to clear the backlog of containers.
What’s Happening Now?
In a recent update, the executive vice president of DP World Australia, Nicolaj Noes, confirmed that data belonging to both current and former employees was compromised during the cyber attack that forced the shutdown of the company's operations across the country on November 10. Noes also revealed that personal data, including phone numbers and addresses, was compromised for some employees across the nation, while a few had additional information, such as a copy of a driver's license, exposed.
"For some of our colleagues, it was their telephone numbers, for some, it was their address," he told The Business.
"And then for a very few amount of people, there was a little bit more, a copy of a drivers license, etc.
"The good news is that it's a very small part of our community that has been impacted, and those affected we're working with now on an individual basis."
While investigations into the cyber attack are ongoing, the identity of the hackers remains unknown. Noes dismissed speculation linking Russian cyber criminals to the incident and emphasised the need for a thorough investigation before making any conclusions.
"I wish I knew [who was responsible] … but I think this is one of those areas where we shouldn't be speculating," he told The Business.
Cybersecurity analysts had earlier suggested that DP World Australia failed to address a critical IT vulnerability known as ‘CitrixBleed’, potentially providing a route for the attackers.
Despite the resolution of the cyber attack aftermath, DP World Australia now faces the challenge of potential freight delays due to planned industrial action by its workers. The company is working to prevent a 48-hour work stoppage by employees, who have been engaged in protected industrial action over pay and rosters. The ongoing dispute with the Maritime Union of Australia adds to the complexities, with Noes warning of a “snowball effect” leading to extended delays and possible supply shocks to the national supply chain.
"[The action] does have a snowball effect … even if you have a strike on one day, it doesn't mean that everything just gets one day later, so we are unfortunately looking at continued delays and probably expanded delays," he told The Business.
"It's very difficult to predict … but if we're today looking at delays of seven to 10 days, we can easily get into double that….”
He added that the planned industrial strikes would result in even further delays to the national supply chain while the Maritime Union has disputed those claims, saying the recent cyber attacks on DP World Australia had a greater impact on port activity, and criticised the company for refusing to negotiate in regards to employees payrolls and benefits.
"....There is a delay of cargo and there will unfortunately be people in the community out there, sitting and waiting for that particular box, for that particular container, that they need to get access to before Christmas that we unfortunately cannot guarantee them that they will," Noe said.
Your Security is our Priority
Your friendly Support Team
Speak to us about all your computer needs
This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.