On Friday, the Australian logistics company Toll Group suffered a “cybersecurity incident” which has since been confirmed as ransomware. A spokesman stated that the company was the victim of a “targeted ransomware attack” and that a number of the company’s systems had to be isolated and disabled in an attempt to contain the infection. The shutdown of so many systems has had an impact on several customer-facing systems. Currently, Toll Group is utilizing manual processes in an attempt to continue operations, but the attack has created a backlog of goods that have gone undelivered. Toll Group has increased staff temporarily to help clear the backlog of goods and return operations to normal levels.
Analyst Notes
While Toll Group believes they know which variant of ransomware they were hit with, malware researchers have called their announcement of the variant into question. The longer malware is allowed to remain undetected on a network, the more computers it can spread to, causing greater disruption to business operations. Detecting malware early and responding to stop the spread to other computers is the key to minimizing damage. This is not the first time that a large company has been forced to revert to manual processes to continue functioning after a ransomware attack. While manual processes can help a company continue to function, the effects it has on productivity can cause a great deal of harm. More information on this attack can be found at https://www.zdnet.com/article/deliveries-stranded-across-australia-as-toll-confirms-ransomware-attack/
