Cyber Incident Victim: DP World Australia
Date: Nov 2023
Location: Australia
Summary
A cybersecurity incident at a major Australian port operator managing terminals in Fremantle and other cities forced nationwide port closures, disrupting import/export operations. The Australian Federal Police launched an investigation while government crisis protocols were activated; landside access remained restricted for days, though ship movements continued unaffected at Fremantle. Technical assistance was provided by national cybersecurity agencies as the operator worked to contain the breach and assess system impacts.
Description
On November 10, 2023, DP World Australia detected a cybersecurity incident affecting its container terminals in Sydney, Melbourne, Brisbane, and Fremantle, leading to the immediate closure of landside operations at these ports that evening. The company restricted truck access to its facilities to contain the breach while initiating an internal investigation, though ship movements and crane operations continued unaffected. The Australian Federal Police launched an investigation into the incident, and the Australian Signals Directorate’s Cyber Security Centre provided technical assistance. By November 11, the Australian government activated the National Coordination Mechanism (NCM), a crisis management framework previously used during the COVID-19 pandemic and Medibank data breach, to coordinate federal, state, and industry responses. National Cyber Security Coordinator Air Marshal Darren Goldie warned the disruption would likely persist for several days, impacting the national movement of goods.

Fremantle Ports clarified that only DP World’s landside operations were compromised, with Patrick Terminals operating normally, though truck movements in and out of DP World’s laydown area remained restricted. Home Affairs Minister Clare O’Neil confirmed regular government briefings and collaboration with DP World to assess the incident’s scope. The NCM convened its first meeting on November 11 and scheduled a follow-up session for November 12. DP World issued a statement emphasizing efforts to safeguard employee and customer data while investigating potential system and data impacts. Cybersecurity expert Nigel Phair speculated the incident likely involved a ransom demand, suggesting prolonged disruptions if unresolved. The incident marked the NCM’s continued role in addressing non-health crises, including prior supply chain and cyber emergencies.
