Deepthi Nair

Global ports operator DP World Australia has restricted access to its ports as it works to contain a cyber security incident that is likely to disrupt the movement of goods for days.

DP World Australia detected the incident and began respondingon Friday, it said in a statement.

“Our teams are working diligently to contain the situation and determine the impact on our systems and data. To safeguard our employees, clients and our networks, we have restricted access to our Australian port operations while we continue our investigation,” the company said.

“This is part of a comprehensive response, which includes engaging with cyber security experts, investigating the incident and notifying the relevant authorities.

“We fully appreciate the importance of this matter, and assure our employees, customers, partners and other stakeholders that their security and privacy are our top priorities. Our goal is to be transparent while ensuring the accuracy and completeness of any information we share.”

DP World Australia, part of Dubai's state-owned ports giant DP World, operates four container terminals in Australia in Melbourne, Sydney, Brisbane and in Fremantle, Western Australia.

DP World employs more than 7,000 people in the Asia Pacific region and has ports and terminals in 18 locations.

The situation will also weigh on DP World’s operations that have been embroiled in a strike by the Maritime Union of Australia over wages and better work conditions.

Australia’s Home Affairs Minister Clare O’Neil said on Saturday that the government is aware of the incident is co-ordinating the response to this incident.

“The government is receiving regular briefings and is working with DP World Australia to understand the impact of this incident,” she said.

She added that the Australian Cyber Security Centre was leading the operation to manage the incident and providing technical advice and assistance to DP World.

Inter-government agency the National Co-ordination Mechanism met on Saturday.

This brings together agencies of federal, state and territory governments in Australia with industry and private sector stakeholders to respond to crises, according to its website.

National cyber security co-ordinator Air Marshal Darren Goldie said the Australian government is responding to a “nationally significant” incident affecting a number of maritime port facilities operated by DP World Australia.

He said in a post on social platform X that he had co-chaired the meeting with the National Emergency Management Agency to consider and address impacts arising from the incident.

He said his office had been engaged since Friday evening, when it was notified of the incident.

“DP World Australia has advised it has restricted access to its Australian port operations in Sydney, Melbourne, Brisbane and Fremantle while it investigates the incident,” Mr Goldie said on X.

“This interruption is likely to continue for a number of days and will impact the movement of goods into and out of the country. DP World Australia is working with its stakeholders to consider the impacts on its operations at specific ports.”

“Our priority is to assist DP World Australia to resolve the incident, so they are in a position to restore access to the ports they operate across the country.”

The Australian Federal Police has started an investigation into the incident, he added.

The hack follows a similar incident at Industrial and Commercial Bank of China, the world's biggest lender, on Friday when it was hit by a cyber attack that caused disruption in US Treasury markets and forced traders to conduct transactions using USB sticks.

The attack, which was first reported by the Financial Times, was launched against Beijing-based ICBC's financial services unit and is suspected to have been carried out by underground organisation LockBit, a ransomware group, Bloomberg reported, citing sources.

Cyber attacks continue to become more sophisticated and advanced, especially in today's digital age in which hackers focus on unsuspecting users who are immersed in technology more than ever, and can cause financial and reputational damage.

In particular, ransomware – a type of malicious software that takes over a system and demands a payment for it to be restored – continues to grow, compared with 10 years ago, cyber security services company Group-IB had previously said.

More than 72 per cent of businesses globally have been affected by ransomware attacks as of 2023, growing steadily over the past six years, data from Statista shows.