Enable Pasa Leaderboard Ad 728x90
Close this search box.

Major DP World cyber attack reportedly caused by failure to fix ‘critical’ supply chain vulnerability

Cyber Attack

DP World, one of the country’s largest port terminal operators, recently suffered a major cyber attack with reports now revealing it was allegedly caused by failure to fix a critical CitrixBleed vulnerability, which allows cybercriminals to break into IT systems.

The attack, which occurred on 10th November, closed down four major Australian ports in Sydney, Brisbane, Melbourne and Fremantle leaving around 30,000 shipping containers stranded, leading to panic that the knock on effects from the disruption could continue for weeks.

Experts suggested that the shock to the supply chain could even increase inflation and force the Reserve Bank to raise interest rates for a fourteenth time if the shutdown continued for weeks rather than days.

At the time, DP World, who handle around 40% of Australia’s cargo, said: “Our teams are working diligently to contain the situation and determine the impact on our systems and data.

“To safeguard our employees, customers and our networks, we have restricted landside access to our Australian port operations while we continue our investigation.”

However, by 13th November, containers were starting to move out of the affected terminals with a number of factors expected to cause further disruptions, but experts believe the impact to supply chains will be minimal.

While DP World has confirmed hackers stole data during a breach, it has not released specific details surrounding the cyber attack and how it came to be.

Reports suggest that cybersecurity analysts believe CitrixBleed (which is classed as critical by the Australian Cyber Security Centre) was the likely cause.

They also claim that devices on DP World’s network were not updated to remove the CitrixBleed vulnerability despite the patch being available for over a month before the attack.

The patch could have prevented the attack from occurring.

Matthew Remacle, detection engineering tech lead at GreyNoise Intelligence told ABC News that the use of CitrixBleed to gain an initial foothold in the network is within the realm of possibility, adding that the process of updating the software and preventing this sort of attack “isn’t complex at all”.

He said: “The unfortunate reality is that patching the devices is quite easy and painless.”

Scroll to Top

Contact Us