Australia’s Toll shuts down IT systems to contain cyber attack

Australian logistics and delivery giant Toll Group has shut down some IT systems in response to cyber security attack. 

Toll Group’s logistics networks spans 1,200 locations in over 50 countries and employs 40,000 people across the globe. 

The company hasn’t explained what type of cybersecurity incident caused it to “deliberately shut down a number of systems across multiple sites and business units”. Toll said it was a “precautionary measure”. 

The action follows numerous cases of large industrial companies that have recently been forced to shut down IT systems due to ransomware infections. 

Norwegian metals firm Norsk Hydro in March last year shut down IT systems after they were infected with the LockerGoga ransomware. It cost the company AU$87m in lost revenue. Officials claimed to not have paid the attackers the ransom, highlighting throughout the recovery that it had solid cybersecurity insurance.   

Some IT systems at UK currency exchange Travelex today remain down more than a month after its computers were infected with REvil ransomware due to its reported use of a vulnerable version of Pulse Secure VPN.

Travelex took its site offline on New Year’s Eve and only last Thursday re-opened parts of its website to allow customers to order travel money, but some services still remained unavailable. The company faced a demand of US$6 million to regain access to its data, which was encrypted by REvil.  

Toll hasn’t said whether cyber attackers have demanded a ransom or if its systems were impacted by ransomware. Given similar responses to recent attacks on other companies and government organizations in recent years, ransomware would seem a likely candidate.  

The company explained that it is currently focussed on restoring its customer-facing applications and is working with “global cyber security experts” to get itself back online. 

“Our immediate focus is on bringing our systems back online in a controlled and secure manner,” Toll said in a statement. 

Toll Group is a huge Australian logistics company with annual revenues of nearly $9 billion last year and business units across Asia, North America, Europe, Africa and the Middle East. 

CSO Australia has asked Toll Group for more information and will update the story if it receives a response. 

Danish logistics and shipping giant Maersk faced a US$300 million recovery bill for the NotPetya ransomware of July 2017, which governments in the US, UK, and Australia blamed on Russian state-sponsored hackers rather than cybercriminal groups. 

Copyright © 2020 IDG Communications, Inc.

The 10 most powerful cybersecurity companies