Data breach shuts down Australian port operations

How a cyber attack halted the flow of goods into major Australian cities

By Mark Hoffmann, KENOSHA.COM

A leader in the IT industry for nearly three decades, Hoffmann has helped small and large businesses take advantage of technology to better serve their customers and employees. Hoffmann is owner of CMIT Solutions of SE Wisconsin.

Fortifying supply chains: post port cyberattack cybersecurity measures

Last week, a serious cyberattack forced a major port operator in Australia to shut down operations across the continent. DP World Australia manages half of all goods that flow into the country at numerous ports, including in Melbourne, Sydney, Brisbane, and Fremantle.

The Australian Federal Police declined to detail investigations into the cyberattack, but Australia’s national cybersecurity coordinator Darren Goldie said on Saturday, November 11 that the interruption was “likely to continue for a number of days and will impact the movement of goods into and out of the country.”

Security experts quickly expressed concern about the potential threat to supply chains worldwide. DP World is part of a global logistics corporation based in Dubai, facilitating trade around the globe. Any shutdown of port activity in one area could lead to maritime freight backups in other areas—especially with the holiday shopping season mere weeks away.

How did the hack happen?

Information about the cyber incident was still scarce as of press time, but DP World Australia immediately disconnected all Internet connectivity in the wake of the attack. That prevented unauthorized access to company networks and data—but also brought all day-to-day operations to a screeching halt.

No evidence of global connections had emerged as of Sunday, November 12. But cybersecurity experts worried that concurrent cyberattacks in Ukraine, China, Israel, and the United States could point to coordination between state-sponsored hacking agencies in Russia or Iran.

How can I protect my business? 

As the frequency and complexity of digital threats increase, it’s imperative to take proactive steps to keep your business safe. The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) recently rolled out a public service campaign intended to “make cyber hygiene as common as brushing your teeth,” according to an NPR report.

CMIT Solutions recommends the following five tips that align with CISA’s strategy to protect your information and strengthen the safety of your systems:

  • Back up your data regularly, remotely, and redundantly. No matter what threats your company faces, the best way to bounce back from a security issue is with a reliable data backup. These should be executed automatically on a weekly (if not daily) basis and stored in multiple locations. In the event of a ransomware or virus infection, affected systems can be wiped clean and a recent backup can be used to restore data. That helps your business bounce back and return to regular day-to-day operations.
  • Implement multi-factor authentication (MFA) and single sign-on (SSO) solutions. MFA and SSO were once considered annoying, frustrating, and even unnecessary. But as more frequent data breaches lead to more stolen passwords—and those passwords are then used to hack into more accounts—tougher login protocols are a must. MFA requires a user to confirm their identity by completing at least two login steps—typically entering a password followed by a unique code or push notification delivered via text or email. Meanwhile, SSO streamlines access to multiple applications and accounts by confirming a digital identity with one master login. Both offer extra protection against information theft.
  • Roll out security updates and software patches automatically. Out-of-date operating systems and expired software applications lead to serious security vulnerabilities. The 2017 WannaCry attack took advantage of the end of support for Windows 7, while Apple’s older Big Sur OS has recently led to exploits on Mac computers. These two hacks had global implications, shutting down IT systems in critical industries across the globe while stealing specific data sets like payment card details, cryptocurrency wallet keys, and application passwords. Keep your business and employees safe by rolling out security updates and software patches automatically (and during off-hours) to minimize disruptions and digital threats.
  • Protect your network with multi-layered security tools. Once the first three basic steps are in place, it’s time to consider more in-depth tools. These extra layers of defense identify and resolve problems before they escalate, protecting you with:
    • DNS filtering, which protects against web-based attacks like malvertising, illicit links, and hidden bots that track keyboard activity
    • Anti-spam filters that protect against email-based attacks by testing email attachments before they land in your inbox
    • Security incident event management (SIEM) and security operations center (SOC) solutions, which provide extra layers of intuitive detection
    • Endpoint detection and response (EDR), which provides back-end visibility into a company’s network to analyze incoming traffic and spot real-time threats
  • Enlist capable, comprehensive IT support you can count on. It takes a knowledgeable, trustworthy partner to deliver all of these security tools. It requires a proactive approach, too—one that makes a plan for addressing cybersecurity issues instead of waiting around for ransomware attacks or data breaches to happen. At CMIT Solutions, that includes:
    • 24/7/365 monitoring, which maintains a constant watch on every component of your company’s technology ecosystem
    • Real-world cybersecurity training, which empowers employees to be the first line of defense
    • Industry-specific compliance to help businesses meet evolving regulatory requirements
    • Nationwide support to protect both physical and remote offices—and the employees who staff them across multiple time zones
    • Local, one-on-one support, which adds a human face and a reliable name to the complex details of IT support

CMIT Solutions has spent the last 25 years building this kind of trust with thousands of clients across North America. We take pride in protecting businesses of every size, employees across every industry, and devices new and old.

With more than 250 independently owned and operated offices supported by 800 technicians spread out across North America, we work 24/7/365 to defend your data, strengthen your systems, and empower your employees to work smarter and more efficiently.

If recent cyberattacks have you worried or you’re looking for a cost-effective way to enhance cybersecurity protections, contact CMIT Solutions today.