Yet another ransomware attack is causing huge problems for the company on the receiving end.
This time, Australia-based shipping firm Toll Group is scrambling to get its systems back up and running after succumbing to a malicious attack on Friday, January 31.
Ransomware works by locking down a computer system, with a financial payment to the hacker usually the only way for the victim to regain access to their data. The malware is usually delivered via a link in an email attachment, or via an infected website.
Toll, which employs 40,000 people globally, revealed on Monday that a “cyber security incident” had forced it to “deliberately shut down a number of systems across multiple sites and business units” to limit the spread of the attack.
But it wasn’t until Tuesday that Toll confirmed ransomware as the cause.
Sources claiming to have knowledge of the incident told ITNews that staff at Toll’s offices around the world were ordered to disconnect their computers from the corporate network before powering them down.
Toll: “Working around the clock”
The Melbourne, Australia-based company insisted that it is “working around the clock” to get on top of the situation, but added that some of its customers “are experiencing delay or disruption.”
Toll said that for parcels, its processing centers are continuing to operate as usual for pick-up, processing, and dispatch “albeit at reduced speed in some cases.” It added that with some of its computer systems still down, most of its other operations have had to switch to manual systems.
The company said that its investigations so far suggest that no personal data was stolen in the incident.
The level of damage caused by a ransomware attack depends partly on whether the victim — which can include individuals as well as businesses — has a system in place to back-up data on a regular basis. Some victims without such a system face losing all of their data unless they pay the ransom.
Ransomware attacks are growing in number, with large organizations being increasingly targeted. The disruption caused by such attacks can result in untold harm to a business. Take Travelex. The world’s largest retail currency dealer is still recovering from a ransomware attack that took place five weeks ago, with its online travel money service still unavailable to customers.
We’ve reached out to Toll Group to find out more about how it’s dealing with the incident and will update this article when we hear back.