Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
In a significant disruption to Australia’s supply chains, major ports operator DP World Australia took its systems offline after a cyber attack, immobilising tens of thousands of shipping containers across the country. Key ports in Sydney, Melbourne, Brisbane and Perth – which are responsible for about 40% of Australia’s import-export traffic – were severely affected for three days.
While authorities have remained tight-lipped, the Australian Federal Police has confirmed it’s investigating the incident, which cyber experts believe to be a ransomware attack.
So far, we know that DP World’s technology systems were targeted and that there were impacts on vital data-sharing processes with transport trucks. Approximately 30,000 containers, including refrigerated ones containing perishable goods like blood plasma, were stranded at these ports, although DP World Australia’s systems are currently back online.
The attack happened on Friday, 10 November, leading the UAE-owned stevedore to take its systems offline for three days. During the outage, DP World swiftly began working with other operators to get freight moving at the ports. However, due to customs regulations, there were a variety of challenges for directing ships to collect containers already at its docks.
DP World’s Oceania business head, Nicolaj Noes, acknowledged the difficulty in estimating the financial impact of the stalled containers. The disruption led to a near-capacity pile-up of containers on docks, severely limiting storage space. The delays in container movement impacted a variety of industries, from retail to critical industrial operations.
The Australian Federal Police and Australian Cybersecurity Centre are investigating the breach. Government officials, including Infrastructure Minister Catherine King and Home Affairs Minister Clare O’Neil, have been briefed.
The cyber incident at DP World is serious and ongoing.
DP World manages almost 40% of the goods flowing in and out of our country, and this incident is affecting the ports of Melbourne, Fremantle, Botany and Brisbane.
— Clare O’Neil MP (@ClareONeilMP) November 12, 2023
The short answer is that we don’t know for sure. According to the few details we do have, no ransom demand has been made.
Australian authorities, including Cybersecurity Coordinator Air Marshal Darren Goldie, advise against paying ransoms. And Australia recently joined a forty-country pledge to never pay ransoms to cybercriminals.
As of 14 November, DP World Australia says its systems are already back online. Further, retail and supermarket chains have reassured that Christmas stock is unaffected, since most have their inventory already in the country. However, the attack underscores the vulnerability of supply chains, the interconnected nature of security, and the need for more resilient defences.
DP World’s crisis management efforts are under scrutiny, especially in the wake of previous mishandling of similar situations by other companies. The incident has sparked a broader discussion about the need for more container ports in Australia and the necessity of regulatory responses to ensure supply chain stability. Calls are being made to waive penalty fees for delayed container movements, highlighting the cascading costs down the supply chain that contribute to inflationary pressures.
The stevedore has confirmed it has cyber insurance, although it’s worth noting that standalone cyber insurance does not always fully cover an incident’s costs.
We don’t know yet whether any stolen data will be disseminated, but any sort of data breach can add fuel to various cybercrime tactics and scams.
Previously, we’ve taken a look at how malicious actors use stolen data to more effectively scam finance and accounts payable (AP) employees. Cybercriminals can use stolen data to make tactics like social engineering and business email compromise (BEC) attacks more effective. Even if your own data wasn’t caught in a breach, your team could be targeted using other people’s data.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud can strike any time, but certain periods increase your business’s vulnerability to fraudulent activities. During these times, your teams may be …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.