top of page

Supply chain risk grows from cyber-attacks on ports

The past year has once again shown how vulnerable maritime supply chains can be to disruption. During and after the Covid crisis, the fragility of shipping, ports, intermodal and drayage services were exposed firstly due to the pandemic itself, which resulted in staff shortages both in China and at ports throughout the West, and then by the overwhelming volume of containers created by consumer demand. Supply chains ground to a halt, with dozens of ships moored outside the West Coast ports of the USA as terminal operators struggled to deal with the backlog caused in part by inefficient processes and out-dated equipment.

Now, however, other threats are coming to the fore. Since 2020 there have been a spate of cyber attacks on ports which have caused significant disruption. The latest of these incidents involved the entire operations of DP World ports in Australia (Sydney, Melbourne, Brisbane and Fremantle) which handle 40% of the country’s trade in goods. The outage occurred for three days between the 11th and 13th November 2023. In this instance, DP World was forced to disconnect its systems from the internet to prevent ‘unauthorised access’ to its network, according to the BBC. Although operations were able to start once again after testing, management warned that there could be on-going issues. Shutting down IT systems had meant that trucks were unable to collect containers from the yard, leading to large backlogs – up to 30,000 containers. The attack has come at a bad time for DP World in Australia which has also faced industrial action by workers. This has resulted in a number of strikes resulting in containers not being off-loaded from trucks. Similar action has been reported across the world since the Covid crisis, reflecting the tensions caused by the worsening economic situation.

Ports in Japan have also recently come under attack, although in different ways. In September 2022, Nagoya Port was victim to a distributed denial-of-service attack (DDoS), so-called ‘Killnet’, which brought operations to a halt for 40 minutes. Then, the following year in July 2023 the same port was the target of a ransomware attack by a pro-Russian cyber gang, LockBit 3.0. The Nagoya Port Unified Terminal System (NUTS) was infected by a virus and a ransom note sent to a printer. As a result, the port, which accounts for about 10% of Japan’s seaborne trade, was closed for two days. One of the biggest companies affected by the outage was Toyota which was unable to load or offload parts. Some terminals were still able to fall back on manual systems, alleviating high levels of congestion. In the future, with increasing digitization, this option will become less available.

The criticality of ports to global supply chains makes them particularly attractive targets. Criminals know that any level of disruption can have huge implications in terms of delays and costs due to lost sales. Ports in India, South Africa, Spain, Canada, France, USA and the UK have all fallen victim to cyber-attacks since 2020.

Whilst in the past, ports and shipping companies have invested considerable time and money into ensuring the integrity of their physical infrastructure and assets, less attention has been paid to the possibility of an attack on their IT systems. This changed in 2017, when Maersk was a victim of the NotPetya virus. Maersk has been open about the huge impact that the breach of security had upon its operations. It was forced to re-install almost its entire IT infrastructure in 10 days which included:

•                     4,000 new servers

•                     45,000 new PCs

•                     2,500 applications.

Management believes that the final cost to the corporation was between $200 million and $300 million. Its shipping volumes dropped by 2%, with the rest having to be handled manually.

Supply chains dependent on sea freight are perhaps uniquely exposed to cyber-attacks due to the way in which shipping has become increasingly channelled through the ever-decreasing number of ports capable of loading and offloading the largest container ships. For example, a successful cyber-attack on a port community system of one of the big ‘gateway’ hubs such as Rotterdam or Los Angeles could have a substantial region-wide economic impact due to the lack of options available for re-routing ships. Shipping is increasingly reliant on information technology from navigation to propulsion, from freight management to traffic control. With the development and deployment of e-freight or e-maritime systems, the risk is only going to get worse.

Speaking at a cyber security conference, Secretary of Homeland Security, Alejandro Mayorkas warned of the vulnerability of port systems and the implications of such a breach of security to the ships entering and leaving ports. He commented:

‘Port environments are highly dependent on synchronization and precision when it comes to moving cargo.  Even a slight disruption – in cyberspace or in its daily operations – could have massive impacts, resulting in major delays in the movement of goods. In short, ports sit at the nexus of our homeland security and national security, and ensuring their protection, defence, and functioning must be – and is – a top priority.’

However, despite the priority which politicians and businesses say they are giving the issue, it seems that cyber-criminals are still one step ahead. As more processes become digitized and the industry becomes ever more dependent on technologies such as Artificial Intelligence, it is evident that risks to maritime supply chains will only increase.


John Manners-Bell’s latest book, Supply Chain Risk Management, now on its fourth edition, can be purchased direct from publisher Kogan Page. Use code KOGANPAGE20 to get 20% off the book (alongside free shipping to the UK and US) at

13 views0 comments
bottom of page