Australian ports reopen after cyberattack

A worker moves containers at the compound of ports operator DP World at Port Botany in Sydney on November 13. Picture: DAVID GRAY / AFP

A worker moves containers at the compound of ports operator DP World at Port Botany in Sydney on November 13. Picture: DAVID GRAY / AFP

Published Nov 13, 2023


Sydney, Australia — Major ports handling 40 percent of Australia's freight trade have reopened, operator DP World said Monday, three days after they were crippled by a cyberattack.

DP World cut its systems from the internet when the attack was detected Friday, preventing trucks from unloading or picking up cargo at ports in Sydney, Melbourne, Brisbane and Fremantle.

"DP World Australia is pleased to announce that operations resumed at the company’s ports across Australia," the operator said in a statement.

The firm said it had successfully tested key systems overnight before reopening.

It said it expected to move 5,000 containers out of the four terminals during the day — not far from industry estimates of their usual daily traffic.

Investigations and efforts to protect systems may still cause "some necessary, temporary disruptions" to port services in the coming days, the company said.

DP World said its investigation and remediation work were likely to take "some time".

Shipping bodies said operations at the ports had restarted slowly early in the morning, with priority given to getting imported containers out of the terminals.

‘Someone malicious’

DP World's advisor on its response to the cyberattack, Alastair MacGibbon, earlier said there had been "unauthorised activity in the system".

Data had been taken by "someone malicious or unauthorised", he told Nine Network television, without giving details of the nature of the stolen information.

DP World Australia said it was still working with the Australian government and cyber authorities.

Australia's national cybersecurity coordinator, Darren Goldie, said DP World did the right thing by cutting off its internet access to prevent the attack from spreading.

Goldie said he did not know who was behind the cyberattack, and he did not expect the government to be attributing blame "anytime soon".

The Australian government called emergency meetings with the company and industry representatives over the weekend to manage its response.

The environment and water minister, Tanya Plibersek, said the government wanted to toughen Australian businesses' defences against cyberattacks.

International criminal syndicates were using ransomware to extort money from Australian businesses but the government did not know the full extent because some victims paid the ransom without reporting it, the minister said.

Cybersecurity experts have said inadequate safeguards and the stockpiling of sensitive customer information have made Australia a lucrative target for hackers.


Medibank, Australia's largest private health insurer, said in November 2022 that hackers had accessed the data of 9.7 million current and former customers, including medical records related to drug abuse and pregnancy terminations.

Just two months earlier, telecom company Optus fell prey to a data breach of a similar scale in which the personal details of up to 9.8 million people were accessed.

Those two incidents were among the largest data breaches in Australian history.