Freight giant Toll Group has shut down “a number” of IT systems due to a “cyber security incident”, with customers reporting shipment tracking is down and drivers are reverting to manual receipts. Toll said in a brief statement on its website late Friday last week that “as a precautionary measure, Toll has made the decision to shut down a number of systems in response to a suspected cyber security incident.”
Delivery giant @Toll_Group has come under cyber attack, forcing it to shut down some services. Customers, of course, are not happy.https://t.co/XwJRVECjnx#ausbiz #toll #CyberAttack
— John Dagge (@johndagge) February 3, 2020
Details are slim at the moment as to what the cause of the incident is. But judging from the fact that Toll has shut down many systems and reverted some processes to manual, ransomware could be a likely culprit.
If it is ransomware, this could be bad news for the company. We\’ve seen cyber criminals get more and more cunning with their ransomware infections. No longer are they just satisfied with encrypting data and demanding payment, but they take the opportunity to steal data and credentials, and use those as extra leverage against the victim organisation.
As such, the benefit of having offsite backups or threat detection controls begins to diminish, and it becomes imperative that organisations protect against infection to begin with. When we look at the most common attack vectors, this usually boils down to knowing where all assets are, ensuring public-facing systems are patched, multi factor authentication is deployed where possible, and perhaps most importantly, all staff are provided effective security awareness and training so that they can recognise phishing or other social engineering attacks and report them.