Toll cyber attack a cautionary tale

Monday, 18 May, 2020

Toll cyber attack a cautionary tale

In a reminder of the care that must be taken in managing cybersecurity risk in an increasingly interconnected supply chain, logistics company Toll Holdings last week reported a data theft following a cyber attack involving ransomware known as ‘Nefilim’.

“After detecting this attack, we shut down our IT systems to mitigate the risk of further infection,” the company said in a press release. “Toll has refused from the outset to engage with the attacker’s ransom demands, which is consistent with the advice of cyber security experts and government authorities.”

Toll revealed that the attacker had accessed at least one corporate server that contains information relating to some past and present Toll employees, and details of commercial agreements with some current and former enterprise customers. The breach did not result in access to current operational data, the company said.

“We have notified and are working with the Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP). We are also actively managing our regulatory disclosure obligations,” said the release.

It is a cautionary tale that manufacturing companies should not ignore. In the drive to a more connected supply chain (think Industry 4.0 or smart manufacturing), any company that interconnects with another company digitally for greater business efficiency needs to be sure that its cybersecurity is best practice.

Cybersecurity is only as ‘strong’ as the weakest link in the chain — so no matter how much effort we put into shoring up our defences, we need to be aware that the companies we partner with may present a risk (however unintentional) to our own organisation.

It is incumbent on those responsible for cybersecurity in a manufacturing organisation to be sure that they take all steps to not only limit risk to their own company, but also to partner and customer organisations. Similarly, it is important to expect the same of those organisations with which we do business electronically.

Image: Toll Holdings

Related News

Report highlights IoT cybersecurity risk in mining industry

The majority of mining organisations report that cybersecurity has not been a priority for their...

Ransomware and the IIoT

Connected devices increase vulnerability to cybercrime.

HAWK launches in-plant PoE and remote monitoring system

Hawk Measurement Systems has designed and developed what it says is the industry's first...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd