Industry Issues, Transport Features

How can companies respond to one of Australias largest port cyber-attacks?

This week’s ATN feature takes a deeper look at the recent DP World cyber-attack and how well it has been handled by Australia’s logistics sector

It was one of the biggest cyber-attacks in recent history on one of Australia’s key logistics companies. Ports were shut down, the Australian supply chain stalled and more than 30,000 containers remained idle. It all ended on November 13 when DP World Australia announced normal operations had resumed at its ports.

While this supply chain crisis may’ve come to an end, there’s still plenty of aftershocks being felt as DP World continues to investigate the cause of this attack. Some, such as UNSW associate professor Rob Nicholls, say this attack was one of the biggest cyber-attacks in recent history.

“It adversely affected the land-based logistics industry, the trucking industry, the retail sector, health, all of the people who rely on the importation of goods and, frankly, that’s everyone in this country,” Nicholls told ATN.

“It’s a big impact, but most importantly it’s having a big impact at a pinch point, a critical point in all of the supply chain.”

DP World may have been vulnerable to this cyber-attack in the lead-up. A recent report released by the Centre for International Corporate Tax Accountability and Research (CICTAR) suggests that the company has evaded paying taxes in Australia over the past eight years. To go with this report, the CFMEU-MUA continues to take protected industrial action (PIA) against DP World, having started nearly two months ago.

With all these factors taking place concurrently, DP World says that Australia’s nation supply chain has been adversely impacted and could jeopardise the upcoming holiday season for both consumers and businesses.

Nicholls says when it comes to targeting the logistics sector, finding a company with lower numbers of ships and trucks made DP World vulnerable in a new way.

“You’re not going to choose ships on the ocean, you’re not going to choose the trucking industry, you’re going to choose ports,” Nicholls says.

“And then who’s the biggest operator of the container sector within the ports, it’s DP World. If I was an evil cyber doer, it would be my first target.”

There are some that believe further investigation needs to take place into DP World itself, including the Maritime Union of Australia (MUA).

In a media release this past Monday, the MUA called on federal home affairs minister Claire O’Neill to launch a government investigation into the attack. The release also added that the attack was completely avoidable and was the company’s own making.

DP World has come out in response to this and told ATN that it has worked extensively with numerous stakeholders, including O’Neill herself, federal transport and infrastructure minister Catherine King and the Cyber Security Centre and Coordinator to protect its operations.

DP World Australia also says that the National Coordination Mechanism (NSM) has been implemented, regular briefing sessions have been held with NSM participants and that it has briefed the Office of the Australian Information Commissioner.

The investigation may take a while, but Nicholls says DP World is handling it better than how Optus handle a similar nation-wide cyber-attack that took place right before the DP World attack.

The process of detecting and determining who caused the cyber-attack includes reporting the incident as soon as they found it, notifying customers and then checking if the cyber-attack was still taking place while its ports slowly came back online.

“I know that DP World’s customer base is different, but it’s not what we saw from Optus, Medibank Private or Latitude,” Nicholls says.

“It’s actually much closer to best practice and reflects the importance that DP World ports and all of the other ports have placed on cyber security as a risk.”

 UNSW professor Rob Nicholls believes that DP World is handling its cyber-attack well

Cyber security and risk reporting at ports has been high on the agenda of companies such as DP World Australia since the 2022 amendment of the 2018 Security and Critical Infrastructure Act.

Reporting back to the centre’s coordinator is part of a revised and expanded version of the Act. Nicholls says that it recognised ports as being part of critical infrastructure in Australia.

“Under the last government, it built in some other players, part of this was a learning from COVID, but the supply chain is actually critical to so much of Australia,” Nicholls says.

“Critical infrastructure was identified, which includes the ports and the trucking sector, but there were specific obligations of the ports to try and reduce their cyber risks.”

The Cyber Security Centre has played a major role in helping companies identify cyber-attacks in the past couple of years.

It has done so by teaching these companies what’s previously happened across different industries and the process taken by others that have suffered from a similar attack.

“If there was a cyber-attack on an energy provider, it focused on what was the process and how ports can learn from those processes,” Nicholls says.

“That’s precisely what the cyber security centre is trying to do. I think it’s a good thing, but the problem is it’s a lot easier to say what that attack was all about in hindsight then it is to be proactive about it.”

While ports continue to work on putting cyber-attack risk at the top of their agendas, Nicholls says that there’s still a high risk of these ports having another cyber-attack with a similar impact.

Nicholls says governments can continue to support these ports, but only after a cyber-attack has happened.

Along with the government’s support, Nicholls says ports and companies can be proactive about cyber-security by putting cyber risk at the top of its risk planning agenda.

More importantly though, Nicholls says to make sure that not just the CEO and board, but everyone in the company with a mobile phone, computer or devices is as prepared as possible for a potential cyber-attack.

“Companies need to make sure that everybody is as cyber-aware as they can be,” Nicholls says.

Previous ArticleNext Article
Send this to a friend