Cyber Incident Victim: DP World

On November 9, 2023, DP World Australia detected a cybersecurity incident affecting its container terminal operations in Melbourne, Sydney, Brisbane, and Fremantle. The company closed all affected ports the same evening, suspending landside operations to contain the breach while initiating an internal investigation. This disruption immediately halted truck movements in and out of DP World’s port facilities, creating logistical bottlenecks for cargo handling. The Australian Federal Police launched a criminal investigation into the incident, while the Australian Signals Directorate’s Cyber Security Centre provided technical assistance to DP World. By November 11, the Australian Government activated the National Coordination Mechanism (NCM) – a crisis management framework previously used during COVID-19 and major cyber incidents like the 2022 Medibank breach – to coordinate cross-agency responses. Home Affairs Minister Clare O’Neil confirmed regular government briefings with DP World to assess operational impacts.

National Cyber Security Coordinator Darren Goldiem stated the ports interruption would likely persist for multiple days, significantly affecting national import/export flows. DP World maintained restricted landside access throughout the investigation period to protect employees, customers, and networks, though ship loading/unloading operations continued unaffected. Fremantle Ports clarified that only DP World’s truck access was impaired, with Patrick stevedoring operations functioning normally. The NCM convened its first meeting on November 11, involving federal, state, and industry stakeholders, with plans to reconvene on November 12. No specific threat actor or attack vector was disclosed publicly during the initial response phase. DP World’s ongoing investigation focused on determining the breach’s impact on systems and data while maintaining maritime operations where possible.