Ransomware Attack Leaves Logistics Company with Disabled Systems, Manual Processes, and Customer Delays

ransomware-screen-skullThe devastation after a ransomware attack on global logistics company Toll Group demonstrates the impact a simple ransomware attack can have on operations.

The last thing any shipping company wants to tell its customers is that deliveries will be suspended indefinitely. But, that’s exactly what Australian logistics company Toll Group needed to communicate to some of their customers in the wake of last week’s ransomware attack.

In response to quickly identifying the ransomware attack, Toll chose to immediately isolate and shut down infected systems which impacts several customer-facing applications. Employing over 40,000 people worldwide, the loss of any application places a burden on staff to figure out how to maintain operations. In Toll’s case, according to one notification, reverting back to manual processes in some cases was necessary.

Ransomware today is about disrupting operations – encrypting of data is only the means to do so. In Toll’s case, the attack was a success. From the post-attack announcements made on their website, it sounds like they implemented pre-made plans to remediate the situation as quickly as possible, with no mention of whether ransom demands were met.

Toll was hit by the MailTo variant of ransomware, part of the KoKo ransomware family. With phishing typically used as the attack vector, it’s likely that a Toll employee fell for a phishing scam and clicked on a malicious attachment. Users that have been educated with Security Awareness Training are better able to avoid becoming the victim of phishing scams by being taught to be generally more aware of the prevalence and methods of such cyberattacks.

As of the writing this article, Toll is still working through their remediation steps and working to fulfill customer needs as quickly as possible.

Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews