DP World Australia did not fix ‘critical’ CitrixBleed exploit that shut down ports
DP World Australia is dealing with the aftermath of a recent cyber attack that exploited a critical IT vulnerability known as ‘CitrixBleed,’ resulting in the shutdown of four major ports and significant disruptions with 30,000 containers piling up.
The ‘CitrixBleed’ exploit, classified as “critical” by the Australian Cyber Security Centre (ACSC), has been globally exploited since its discovery in July, leading to notable data breaches, including an incident at the New York arm of the Industrial and Commercial Bank of China.
A concerning aspect of the cyber attack is that devices registered on DP World’s network had not been updated to remove the ‘CitrixBleed’ vulnerability despite the patch being available for over a month before the attack on November 10.
This patch, a software update designed to eliminate the vulnerability, could have prevented the cyber breach.
RELATED: Change your password if it’s on this list
While specific details of the attack remain undisclosed by DP World, cybersecurity analysts point to ‘CitrixBleed’ as a likely entry point.
Matthew Remacle, Detection Engineering Tech Lead at GreyNoise Intelligence, suggests that using ‘CitrixBleed’ to gain initial access to the network is plausible, according to ABC News.
Notably, certificates for the vulnerable system were updated on the day of the incident, aligning with recommended actions in response to a ‘CitrixBleed’ attack.
Cybersecurity expert Kevin Beaumont suggests that the attack on DP World is part of a broader “mass exploitation” event involving at least two ransomware gangs.
RELATED: Cause of massive Optus outage revealed
Cybersecurity firm Cyber CX is advising DP World on addressing the aftermath of the attack, emphasising that the company has not received a ransom request.
Alistair MacGibbon, Chief Strategy Officer at Cyber CX, highlights the incident as a stark reminder of the vulnerabilities in critical infrastructure systems.
The Security of Critical Infrastructure Act mandates operators of critical assets, including DP World’s ports, to report cyber incidents and implement risk assessments.
The Australian government is actively collaborating with DP World and other stakeholders to enhance the maritime environment’s resilience against cyber threats.
For more latest Economy News Click Here
Denial of responsibility! FineRadar is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.