South Africa's state-owned logistics firm Transnet said on Tuesday it was working to restore systems, after the country's key port terminals suffered a major cyber-attack last week.
The security intrusion began on July 22 but has since continued, forcing Transnet to switch to manual systems, it said.
In a letter to its customers dated Monday, the company declared a force majeure -- a clause that prevents a party from fulfilling a contract because of external and unforeseen circumstances.
It said it had "experienced an act of cyber-attack, security intrusion and sabotage, which resulted in the disruption of... normal processes and functions."
As a result, operations have been severly disrupted in ports in Cape Town, Port Elizabeth, Ngqura as well as Durban's, the busiest in sub-Saharan Africa.
In a statement later on Tuesday, the firm said it expected to lift the force majeure "soon" following "significant progress in restoring" its systems.
"It is expected that some applications may continue to run slowly over the next few days," it said.
The full effects of this disruption, which has occurred at the peak of the citrus export season, are yet to be known, but are sure to be devastating for the South African economy, which suffers from the aftermath of rioting in the KwaZulu-Natal and Gauteng provinces and a year and a half of Covid-19 restricitions.
"The last few days have been the nail in the coffin," said Dave Watts, a consultant to the South African Association of Freight Forwarders.
"Up to this morning nothing is moving out of the ports, zero, since Thursday," he told AFP.
"It's a nightmare. It's just a catastrophe, frankly," he said, noting that the disruption had occurred at the peak of the citrus export season, when South African farmers were rushing to get their produce to foreign markets. "It's a perfect storm".