Cargo ships give SA a wide berth in wake of cyber attack

Paul Ash Senior reporter
A cyber attack on Transnet Port Terminals IT system has resulted in ships cancelling scheduled ports of call in SA. Stock photo.
A cyber attack on Transnet Port Terminals IT system has resulted in ships cancelling scheduled ports of call in SA. Stock photo.
Image: 123RF/ANEK SUWANNAPHOOM

Ships are diverting from Durban and other SA ports as Transnet grapples with a week-old systems outage that has caused chaos with its container handling operations.

The national rail, ports and pipeline operators declared force majeure at its container terminals in Durban, Ngqura, Gqeberha and Cape Town harbours following a cyber attack on July 22.

The attack disabled container tracking systems, which effectively shut the container terminals.

As the company battles to restore its systems, ships have begun diverting from SA ports.

Denmark-based global shipping giant Maersk noted in an advisory to clients on Tuesday that while operationally “some limited landside activities have resumed and, on the waterside, manual operations are under way”, the system remained disabled.

In more detailed client advisory notices, Maersk noted that a number of its ships would not make their scheduled port calls at Durban and Gqeberha and were diverting to other ports.

The affected ships included the EM Astoria, Rhone Maersk, Horizon and Marathopolis.

The EM Astoria was skipping its call at Gqeberha while the Horizon was heading to Maputo to pick and discharge cargo there instead.

With systems down, shippers have no idea where containers are, forcing Transnet to send teams into the terminals to manually determine container locations in the vast stacks in each terminal

With systems down, shippers have no idea where containers are, forcing Transnet to send teams into the terminals to manually determine container locations in the vast stacks in each terminal.

In a desperate attempt to get freight moving again, the company also implemented a manual booking system.

The cyber attack comes less than two weeks after trucks were burnt on the critical N3 freight artery between Durban and Gauteng, a move which also forced Transnet to halt trains on the parallel Natcor rail corridor.

Currently only refrigerated exports were being accepted for shipping with the process being fully manual, Maersk said. 

July usually marks the peak of SA’s citrus fruit harvest.

“We do not have clarity yet on when [dry cargo] acceptance will open up. For units arriving by rail it is not confirmed yet when rail stacks will open.”

Maersk said it understood the situation was “very fluid”. 

Meanwhile, a cyber watchdog, the Cyber Alliance to Defend our Healthcare, said it was concerned about the cyber attack given that SA’s ports handle 60% of the country’s imports and were critical entry points for Covid-19 vaccines and other essential supplies during the pandemic.

“The scale of the attack and the sophistication of the malware deployed by the hackers bear all the hallmarks of a malicious nation state-sponsored cyber attack,” the alliance said on Tuesday, adding it was concerned the attack had taken place at the same time as “a broader campaign of sophisticated disinformation and sabotage aimed to overthrow the democratically elected government of SA”.

The alliance called on countries with cyber crime fighting abilities to help SA and Transnet prevent what it said was a potential humanitarian disaster. 

TimesLIVE


Would you like to comment on this article or view other readers' comments? Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.