Double the ransom for Toll

Double the ransom for Toll 1

Double the ransom for Toll

Toll Holdings has again been struck by a ransomware attack. Earlier this year Russian based hackers annihilated the logistics system that Toll relied upon to deliver services. Toll had taken months to recover but then COVID-19 sent everyone working from home to a personal computer and created new security issues.

This latest attack on Toll is apparently unrelated to the previous 2020 attack from 4 months ago, despite sharing a similar format. Nefilim is the strain of ransomware that “attacks information systems through remote desktop protocols” but differs in payment systems from Mailto ransomware. Toll is again refusing to comply with the ransom demands which encourage a payment from the victim before data is released onto the dark web. Toll is instead, working closely to solve the crime with Australian Federal Police and the Australian Cyber Security Commission.

Double the ransom for Toll 2

Faster Networks have previously reported the dangers of sending everyone with a desk-job home to work on a personal computer, it has left businesses vulnerable to attack and provided a greater number of easy entry points to sensitive company data. Companies are definitely addressing two-factor authentication systems for people working from home but maybe they are not as common as needed or as robust as authentication methods within office surrounds.

Customer loyalty is at the behest of company transparency and Toll have relinquished what they know to date. According to IT News, Toll believes a company server that houses employee data and corporate services contracts may have been stolen. Now they need to ensure a thorough investigative, reporting and reflective process to improve security outcomes.

Faster Networks help businesses protect their digital assets. We are a cyber security partner that brings the best software solutions that anticipate and fix digital vulnerabilities. Our areas of expertise includes Vulnerability Management, Security Orchestration Automation and Response (SOAR), Application Security, Infrastructure Security, Distributed Denial of Service (DDoS) Protection and Application Pentesting.

Contact us on +61 3 9016 0085 or send us an email to learn more about our cyber security services.