Patching Issue Causes Major Australian Cyber Breach

17 November 2023

The importance of vulnerability management and the patching security flaws was recently highlighted by a cyber-attack that crippled global stevedore DP World’s Australian operations. Internal data was compromised during the hack, but the company remains tight-lipped regarding the extent of the breach while investigations continue.

It appears DP World failed to patch a vulnerability within its IT network, specifically with the Citrix Netscaler system, and this was exploited by infamous Russian hacking group LockBit. Having identified the security flaw months prior, Lockbit then scoured the globe for organisations that had not acted to patch the issue, drawing up a list of targets that included DP World. The company was forced to shutter its local operations, affecting almost 40% of the Australian import and export capability. Trucks were temporarily unable to collect freight from DP World facilities, causes backlogs and delays to ripple across multiple supply chains.

Federal Cybersecurity Minister Clare O’Neil and the Australian Cyber Security Centre have warned businesses to urgently update Citrix systems in light of the actions of LockBit and its affiliates that also hit aerospace giant Boeing and the Industrial and Commercial Bank of China. The Minister said of the patching issue, “The vast majority of cyberattacks are completely preventable, if you take pretty straightforward steps. Regular patching is one of them.”

Issues like vulnerability management and patching for network flaws can prove onerous for companies with limited internal security capabilities. The ever-changing threats posed by sophisticated hacking groups like LockBit pose a continuous risk to Australian companies across all industry sectors. One solution to the challenge of implementing a comprehensive cyber security strategy within a dynamic environment is to outsource specific responsibilities.

At Intalock we provide solutions such as Vulnerability Management as a Service (VMaaS) to leading Australian entities who rely on our expertise to minimise their threat profile and enhance organisational resilience. Our personnel are on the front lines of the cyber war and are accustomed to providing the very latest proactive measures and rapid response capabilities should your company be targeted.

If you would like more information about how we could reduce your risk profile and bolster your defences, contact us today.

back to blog