UPDATED 21:03 EST / FEBRUARY 03 2020

Transport company Toll Group crippled in suspected ransomware attack

Australian transport company Toll Group has suffered a “security incident” that made customers unable to send, receive or track their shipments.

The company, with operations across the globe, including mainland China, offers transportation and logistics services. Its delivery service is seemingly the hardest-hit.

“As a precautionary measure, in response to a cybersecurity incident on Friday, Toll deliberately shut down a number of systems across multiple sites and business units,” the company said in a statement. “Toll IT teams are working closely with global cybersecurity experts to resolve the issue” and “making progress with our recovery activities to restore our systems and Toll customer-facing applications.”

Missing from the statement is exactly what sort of cybersecurity incident this was, though there’s speculation that it was likely a ransomware attack. ITNews, quoting a source familiar with the matter, said the ransomware attack had affected more than 1,000 servers and that staff worldwide had been told to leave desktops and laptops switched off and disconnected from the corporate network.

Systems at the company remained offline today. Reports indicated that the company had resorted to processing deliveries manually. Operations in Australia, India and the Philippines are also said to have been hard-hit.

“If it is ransomware, this could be bad news for the company,” Javvad Malik, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE. “We’ve seen cybercriminals get more and more cunning with their ransomware infections. No longer are they just satisfied with encrypting data and demanding payment, but they take the opportunity to steal data and credentials, and use those as extra leverage against the victim organization.”

As a result, he added, the benefit of having offsite backups or threat detection controls begins to diminish, and it becomes imperative that organizations protect against infection to begin with. “When we look at the most common attack vectors, this usually boils down to knowing where all assets are, ensuring public-facing systems are patched, multi-factor authentication is deployed where possible, and perhaps most importantly, all staff are provided effective security awareness and training so that they can recognize phishing or other social engineering attacks and report them,” he said.

Photo: Toll Group/Wikimedia Commons
