Toll hit by cy­ber at­tack….again

New Zealand Truck & Driver - - Front Page -

TRANS­PORT AND LO­GIS­TICS GI­ANT TOLL GROUP has suf­fered its sec­ond ran­somware at­tack this year – con­firm­ing last month that data had been stolen in the lat­est cy­ber at­tack.

The Aus­tralian-based com­pany re­vealed the sec­ond breach of its IT sys­tem’s se­cu­rity this year in a state­ment on May 5 – but said then that se­cu­rity ex­perts had found no ev­i­dence at that point “to sug­gest that any data has been ex­tracted from our net­work.”

How­ever, a week later, it con­firmed that the at­tack­ers had ac­cessed “at least one spe­cific cor­po­rate server” in its IT sys­tem – and had “down­loaded some data stored…”

Adding that the com­pany was “in the process of iden­ti­fy­ing the spe­cific na­ture of that in­for­ma­tion.

“This server con­tains in­for­ma­tion re­lat­ing to some past and present Toll em­ploy­ees, and de­tails of com­mer­cial agree­ments with some of our cur­rent and for­mer en­ter­prise cus­tomers.”

Toll said it had “re­fused from the out­set to en­gage with the at­tacker’s ran­som de­mands, which is con­sis­tent with the ad­vice of cy­ber se­cu­rity ex­perts and gov­ern­ment au­thor­i­ties.”

The com­pany re­port­edly suf­fered dis­rup­tion to its IT op­er­a­tions for more than a month af­ter a late Jan­uary cy­ber at­tack, said to have been the work of Rus­sian hack­ers.

In last month’s cy­ber at­tack,Toll said that “a rel­a­tively new form of ran­somware known as Ne­filim” was used and added: “This is un­re­lated to the ran­somware in­ci­dent we ex­pe­ri­enced ear­lier this year.”

Toll said that the May at­tacker “is known to pub­lish stolen data to the ‘dark web.’ This means that, to our knowl­edge, in­for­ma­tion is not read­ily ac­ces­si­ble through con­ven­tional on­line plat­forms. Toll is not aware at this time of any in­for­ma­tion from the server in ques­tion hav­ing been pub­lished.”

It’s not known whether any of the stolen data in­volves Toll Group’s cus­tomers or staff in New Zealand, but the com­pany said it is work­ing with the Aus­tralian Cy­ber Se­cu­rity Cen­tre (ACSC) and the Aus­tralian Fed­eral Po­lice (AFP) on the lat­est hack.

Toll Group man­ag­ing di­rec­tor Thomas Knud­sen de­scribed the most re­cent at­tack as “an un­scrupu­lous act.”

And he added that cy­ber crime poses “an ex­is­ten­tial threat for or­gan­i­sa­tions of all sizes, mak­ing it more im­por­tant than ever for busi­ness, reg­u­la­tors and gov­ern­ment to adopt a united ef­fort in com­bat­ing the very real risk it presents the wider com­mu­nity.

“We con­demn in the strong­est pos­si­ble terms the ac­tions of the per­pe­tra­tors. This is a se­ri­ous and re­gret­table si­t­u­a­tion and we apol­o­gise un­re­servedly to those af­fected. I can as­sure our cus­tomers and em­ploy­ees that we’re do­ing all we can to get to the bot­tom of the si­t­u­a­tion and put in place the ac­tions to rec­tify it,” he said.

Toll said that, given the tech­ni­cal and de­tailed na­ture of the anal­y­sis in progress, it ex­pects that it will “take a num­ber of weeks to de­ter­mine more de­tails.

“We have be­gun con­tact­ing peo­ple we be­lieve may be im­pacted and we are im­ple­ment­ing mea­sures to sup­port in­di­vid­ual on­line se­cu­rity ar­range­ments.”


Toll has not dis­closed whether the data stolen in­volves any of its New Zealand busi­ness

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.