The government says it does not yet know who was behind a cybersecurity incident that has shut down DP World over the weekend. As far as we know, there has been no ransom demand.
A key line of inquiry in this ongoing investigation is the ‘nature of data access and data theft.’ DP World Australia says it understands this development may cause concern for some stakeholders.
The Australian Federal Police (AFP) said it was still investigating the cybersecurity incident. “We’ve commenced an investigation into the incident and we’re not commenting further as it’s an ongoing investigation,” an AFP spokesperson said in an interview with the ABC.
The Australian government is closely involved in managing the situation, providing support and advice to DP World and other affected parties through the Critical Infrastructure Centre and the Trusted Information Sharing Network. These government agencies are equipped to provide support in times of crisis.
Ports are difficult targets. To cause such a disruption, the attackers would have to be highly skilled and make plans well in advance of the event. The fact ports have been successfully hacked more than once in recent times suggests that threats from cybercriminals are steadily increasing, according to an analysis today in The Conversation.
When the incident is a direct cyber-attack that infiltrates systems and steals or modifies data, this requires a complete system shutdown. Without the integrity of systems, consignment data cannot be trusted and the Australian Border Force (ABF) is unable to verify the content of shipments, resulting in issues with the collection of duties, taxes and fees.
Based on what is known about similar cases, it is possible the attack took advantage of vulnerabilities in DP World’s system. These vulnerabilities are normally closed by applying a ‘patch’ in the same way your browser needs updating every week or two to keep it safe from being hacked.
Once hackers gained access, the breach likely pivoted to infiltrate the operational systems that directly manage port activities. Failing to isolate and secure these control networks allowed the incident to impact operations.
A problem for Australia is the potential effect of the cyberattack on its reputation as a shipping destination. When port facilities have a backlog of containers to the point where ships are delayed, costs quickly escalate to millions of dollars.
For a seamless flow of goods, we need to be constantly vigilant of potential threats to our supply chain infrastructure.
The attack comes on top of ongoing industrial action – the CFMMEU, MUA Division have outlined a further series of work bans and stoppages up to and including Monday 27 November.
See our previous related article: DP World: Fees Up, Tools Down.
As licensed Customs Brokers and International Freight Forwarders, Colless Young provides a complete range of shipping and allied transport services including connections by road and rail as well as warehousing. We professionally handle all your consignments by sea and air, both import and export, taking care of customs clearance, quarantine treatments and landed costings. With out head office in Brisbane, Colless Young offer logistics facilities through all major Australian ports and airports.
