[HN Gopher] Australia locks down ports after 'nationally signifi...
___________________________________________________________________
Australia locks down ports after 'nationally significant'
cyberattack
Author : perihelions
Score : 109 points
Date : 2023-11-12 11:20 UTC (11 hours ago)
(HTM) web link (www.independent.co.uk)
(TXT) w3m dump (www.independent.co.uk)
| jruohonen wrote:
| "The operator shut down four ports at Sydney, Melbourne,
| Brisbane, and Fremantle after detecting a cybersecurity incident
| late on Friday night. DP World is responsible for 40 per cent of
| Australia's maritime freight."
|
| Yes, sounds serious enough.
| GordonS wrote:
| I was thinking about networking ports from the title!
| parsimo2010 wrote:
| Yeah the article makes it pretty far before saying "maritime
| ports" and even then the article never seemed to acknowledge
| that there is ambiguity in "shutting down port operations"
| created when the triggering event is a cyber attack.
| hnlmorg wrote:
| I appreciate you may not be aware of the Independent but it's
| a general audience publication. That author isn't even a tech
| journalist so I doubt they are even aware of what a TCP/IP
| port is let alone that it's related to the subject matter in
| any way.
|
| They'd probably have more familiarity with "port" used in
| other contexts like:
|
| - the opposite of starboard
|
| - USB port
|
| - the alcoholic beverage (like Wine)
|
| ...amongst any array of other usages.
|
| And out of all of them, the one that makes the most
| grammatical sense to your average person is maritime ports.
|
| So I don't think it's unreasonable the way it was written.
| joppy wrote:
| If a country has the capability to "lock down ports", they're
| probably shipping ports - do you think Australia is just
| suddenly going to (or has the capability to) block all IP
| traffic on certain ports? A notable exception is China.
| halJordan wrote:
| So when you read DP World is shutting down four major ports
| in the first few sentences: You thought that a private
| company was requiring every other private company & the
| various govts in Aus to firewall off the http port or
| something like that?
|
| I'm all for blaming schools and blaming journalists for
| mistakes stupid people make, but that seems like it's on you
| being a little too credulous.
| globular-toast wrote:
| I mean, if you know what a network port is how could the
| title or content referring to network ports make sense?
| chrismorgan wrote:
| > _an ongoing cyberattack targeting major ports_
|
| Hmm... 443 (HTTPS), 80 (HTTP), 53 (DNS), 587 (SMTP submission),
| ...
| alwaysrunning wrote:
| lol that was my first thought too.
| coffeecantcode wrote:
| For context:
|
| China had a ban on Australian imports in the wake of the
| Australian PM saying that Xi and China should be investigated
| because of Covid or something along those lines.
|
| China just this last week dropped the ban and expected Australian
| imports to come flooding back in but almost nobody bit that hook
| due to the amount of time and money export companies had spent
| arranging relationships with other countries instead of China in
| the wake of the ban.
| yellow_lead wrote:
| That's pretty bad for China. As I recall they import most of
| their iron ore from Australia for steel production. Australia
| is a huge metals exporter.
| coffeecantcode wrote:
| Yeah it's a bad look, especially since Australia pivoted to
| India to fill the large gap China left in their export
| market. Now India is importing from Australia at a rate that
| is alarming only to China.
|
| The only problem for Australia is the China was often times
| paying radically larger premiums for Australian goods then
| any other country would be willing to pay. So everyone is
| starting to feel the heat.
|
| https://www.wsj.com/world/asia/china-says-australias-
| exporte...
|
| Interesting read.
| ImaCake wrote:
| Although your point still stands, the iron ore goes out
| through different ports mostly in the Pilbarra or northern
| Queensland.
| MichaelZuo wrote:
| Can you link the source? As far as I know most HS4 categories
| of trade goods never went to zero.
| coffeecantcode wrote:
| No not to zero, I believe Australian exports to China went
| from 45% to 37% in 1 year. I have the article link posted in
| one of my comments below. In retro my use of the word ban
| makes it seem expansive and absolute but really it just
| resulted in billions and billions of dollars redirected or
| lost.
|
| Edit: https://www.wsj.com/world/asia/china-says-australias-
| exporte...
| xbmcuser wrote:
| It will move the other way in a year very soon
| JumpCrisscross wrote:
| > _will move the other way in a year very soon_
|
| China is grappling with deflation [1]. It is likely
| they're in a recession, at least in sectors relevant to
| housing demand. Given the state of regional government
| and developer finances, I don't see where this _de novo_
| steel comes from.
|
| [1] https://www.cnn.com/2023/11/09/economy/china-
| deflation-octob...
| nradov wrote:
| With the collapse of Evergrande and other large Chinese
| real estate developers, who will buy all of that steel?
| toyg wrote:
| I think it's unrealistic to expect complex export operations
| and contracts to be rerouted in a week. Like we saw with
| Brexit, stopping trade flows is very quick and easy but
| restarting them is very slow and hard. Chinese leadership
| typically reasons in terms of decades (or more), I wouldn't
| expect them to be mad with rage after a week.
| JumpCrisscross wrote:
| > _Chinese leadership typically reasons in terms of decades
| (or more)_
|
| Historically, yes. But Xi is a dictator, and has been making
| decisions on mortal, personal timelines.
| NicoJuicy wrote:
| That's literally why they blocked Australia the first time...
| nradov wrote:
| These are no longer typical times for Chinese leadership.
| Chairman Xi has successfully purged all other power centers
| but this has made him increasingly isolated and surrounded
| only by sycophants. Underlings are now afraid to bring him
| bad news or push back on bad decisions. Thus, we should
| expect to see an escalating level of errors and
| miscalculations.
| coffeecantcode wrote:
| Xi's leadership style is beginning to show very serious
| parallels to Chiang Kai-Shek's leadership of China in the
| early 20th century, but with a fair bit more competency and
| an unbelievably higher level of influence and power.
| alephnerd wrote:
| > Chinese leadership typically reasons in terms of decades
| (or more)
|
| No offense, but who keeps perpetuating this myth. Is this
| Zeihan bullshit?
|
| In my previous life I've worked with people who worked at or
| near those levels and Chinese policymakers aren't any
| different from those in other countries (though the older
| generation does seem to have a bit of a penchant of skimming
| the top more than younger ones).
|
| If there was a long term multigenerational plan, then LGFVs
| would have been cracked down a decade ago, they wouldn't have
| bungled the entire Semiconductor Manufacturing subsidy (only
| 1 company remains out of 6-7 that were given tens of billions
| of dollars, most of which was skimmed by corruption), and
| they wouldn't have instigated a trade war with South Korea
| and Japan leading both nations to move their investments to
| Vietnam and India respectively.
| reducesuffering wrote:
| > Is this Zeihan bullshit?
|
| That is the polar opposite of Zeihan's view. You couldn't
| have picked a worse name.
| alephnerd wrote:
| Touche. I'm just grumbling about all the bullshit pop
| geopolitics I'm seeing on HN. It's all essentially
| orientalizing the Chinese experience by treating g
| Chinese policymakers as either omniscient calculating
| malicious geniuses or bumbling authoritarians strangling
| the golden goose. The reality is just much more prosaic
| and it pisses me off as someone who worked directly on
| this stuff in the early/mid 2010s.
| alephnerd wrote:
| If it's China that did it, they're in a world of hurt from the
| UAE.
|
| DP World owns most of the major ports globally. It's absolutely
| massive and a critical part of the UAE's larger geopolitical
| strategy.
|
| They operate the Antwerp Port, Le Harve Port, Qingdao Port,
| Hong Kong Port, Tianjin Port, Mudra Port, just about every port
| in Australia, Saigon Port, Karachi Port, Vancouver Port, Manila
| Port, Busan Port, Laem Chabang Port, etc.
|
| They are the backbone of global logistical infrastructure.
|
| DP is owned by Dubai's royal family (Makhtoom). If AD Ports
| properties were also hit (owned by the Abu Dhabi royal family -
| the Nayhan's) it's game over. Whichever country did this would
| be de facto blocked from UAE, and the UAE is critical for
| Chinese, Russian, Iranian, and Indian FDI.
| alephnerd wrote:
| Addendum:
|
| I wouldn't rush to blame the Chinese for this yet. It could
| also just be a coincidence.
|
| Perpetrating a massive cyberattack during APEC before meeting
| Albanese and Biden is just horrible optics and destroys the
| ongoing normalization efforts
|
| It's too soon to attribute cause
| throwaway290 wrote:
| The headline doesn't fully jive with the text. Ports were shut
| down by a private company called "DP World Australia". DP World
| is an UAE based shipping company that apparently operates some
| Australian ports and handles 40% of country's shipping traffic?
| Obviously it's a major fish so the government basically has no
| choice and tries to help them sort out the attack.
| justinclift wrote:
| Wonder if there's a relationship between the Optus outage a few
| days ago and this cyberattack?
| rpy wrote:
| The government have said the Optus outage was not suspicious.
| Seems to have been a BGP config change gone wrong.
| jiggawatts wrote:
| Is that your best guest or have you seen any insider
| information?
|
| I haven't yet seen even the hint of the specific technology
| involved, let alone a root cause analysis.
| justinclift wrote:
| The BGP thing was mentioned on HN as a likely possibility
| in the main submissions discussing the outage
| (https://news.ycombinator.com/item?id=38185841,
| https://news.ycombinator.com/item?id=38185009), and the
| Cloudflare Radar "BGP Announcements" graph seems to support
| it.
|
| There's a spike of 940,480 BGP events on Nov 7th at 17:00
| UTC, which was 4am Sydney time:
|
| https://radar.cloudflare.com/as4804?dateRange=7d
|
| Note the "7d" (7 days) on the end of the url, so if you're
| trying that link more than a week after the Optus event you
| might need to bump that number up.
|
| ---
|
| Doesn't seem like captures / snapshots of Cloudflare Radar
| by The Wayback Machine (web.archive.org), nor archive.today
| work.
|
| Seems to only capture the html/css/js, but without any
| data. So the graphs are all empty / grey. :(
| idonotknowwhy wrote:
| Would a BGB config cause phones not to connect to the cell
| towers?
| justinclift wrote:
| Maybe the cell towers couldn't load their config's properly
| or similar?
| heresie-dabord wrote:
| TFA also mentions:
|
| "The cybersecurity incident follows a cyberattack at Melbourne's
| cryptocurrency exchange Coinspot, which saw more than $2m taken
| away from accounts."
|
| However, theft from a cryptocurrency exchange may be considered
| to be a "credulity correction" in market economics.
| pedalpete wrote:
| The ports of Sydney and Melbourne have been shutdown over the
| weekend as part of pro-Palestinian rallies. I wonder if this
| could be related.
|
| https://www.9news.com.au/national/pro-palestine-protesters-g...
|
| HelpfulContrib stated the same, but was either downvoted to
| oblivion or removed his post.
| technion wrote:
| I would generally suggest if you haven't patched a Netscaler by
| this point, which Shodan suggests they had not, you're a
| timebomb for a ransomware outbreak.
|
| There's a lot of political suggestions that have reasonable
| arguments but I'd be very surprised if there was much more
| targeting than "hey we found another unpatched Netscaler".
| plantain wrote:
| Highly likely it was unpatched Citrix Netscaler
|
| https://cyberplace.social/@GossiTheDog/111391466200487619
___________________________________________________________________
(page generated 2023-11-12 23:01 UTC)