Cyber Incident Victim: Sydney, New South Wales, Australia

On November 10, 2023, DP World Australia detected a cybersecurity incident affecting its container terminals in Sydney, Melbourne, Brisbane, and Fremantle. The company immediately restricted landside access to its Australian port operations and shut down port activities that same night to contain the breach. The Australian Federal Police launched an investigation into the incident, while the Australian Signals Directorate’s Cyber Security Centre provided technical assistance. The Australian government activated the National Coordination Mechanism (NCM) at approximately 12:00 PM on November 11, invoking the crisis management framework previously used during the COVID-19 pandemic. Home Affairs Minister Clare O’Neil confirmed regular briefings were occurring to assess impacts and coordinate engagement across government agencies. National Cyber Security Coordinator Air Marshal Darren Goldiem co-chaired the NCM meeting, warning that operational disruptions would likely persist for multiple days and affect the movement of goods into and out of the country.

The incident specifically disrupted DP World’s landside operations, including truck access to laydown areas, while ship loading/unloading continued unaffected in Fremantle. Fremantle Ports clarified that only DP World’s systems were compromised, with Patrick terminals operating normally. DP World stated its teams were working to determine the impact on systems and data but did not disclose technical details about the breach’s origin or scope. The NCM convened federal, state, and industry stakeholders to manage supply chain consequences, scheduling a follow-up meeting for November 12. No restoration timeline was provided, though the company maintained communication with employees and customers regarding network safeguards. The disruption threatened prolonged delays to import/export logistics, mirroring previous NCM activations for events like the 2022 Medibank breach and natural disasters.