Toll Group ransomware attack: Are you ready for the ripple effect?

Posted by Craig McDonald on 14 February 2020 13:24:53 AEDT

As many of you know by now, logistics giant Toll Group was in the news last week after they were hit by a ransomware attack called Mailto. This attack is usually delivered via an infected email, that was most likely clicked on by an unsuspecting employee which then infects systems running on Microsoft Windows, encrypting files and leaving a ransom note on-screen. The note says that the only way to get the files back is by paying a ransom in Bitcoin.  

Why the logistics industry is a popular target

The logistics industry is a favourite among cybercriminals, primarily for 3 reasons. Firstly, logistics companies typically maintain a wide network of third-party relationships – making them a gold mine of data. Secondly, companies like Toll Group have a large & complex supply chain ecosystem that relies heavily on cyber-based control, navigation, tracking, positioning and communications systems. This means they contain multiple digital vulnerabilities that make it easier for cybercriminals to infiltrate their networks. Third, the very nature of their business is time critical, so they are under more pressure than most to make a call on paying the ransom so as to not disrupt their operations, and the businesses of all of those that are depending on their deliveries.   

This last reason is precisely why, for the Toll Group, with an ecosystem so large & complex (involving an intricate, interdependent network of consumers, partners, vendors, and suppliers), the implications of this ransomware attack are likely to result in a ripple effect that far outweighs the initial costs to their business alone. The tangible and intangible losses resulting from an attack like this can have catastrophic consequences for businesses, and a flow on impact to those in their ecosystem, but the ripple effect is often unreported, and unnoticed.  

The ripple effect

When surveyed, 59% of C-level executives said that the domino effect from a cyber-attack could extend to larger geographical areas while 56% stated it could also potentially expose national vulnerabilities. 

Imagine you’re a Toll Group customer and the business delivers products that form a key component of your own supply chain. Your products aren’t getting delivered and there may be a disruption in your production line and by extension, in your cash flow. Your company, your brand and reputation all take a hit. Conversely, imagine you’re a small business and Toll Group is a huge customer that you heavily rely on to maintain your profit margin. There’s a delay resulting from this ransomware attack and you’re not getting paid. In either scenario, the attack creates a detrimental ripple effect that is likely to have a severe impact on your business too. The effects of a cyber-attack can actually ripple for years, resulting in a wide range of “hidden” costs—many of which are intangible impacts like reputational damage, operational disruptions or even a drop in employee engagement.

Reputational damage

And this negative impact on the company’s ecosystem is already beginning to show. Due to a loss of system availability and productivity, Toll Group’s customers are experiencing delays in deliveries and are taking to social media to express their ire about how that’s impacting their own businesses. While I personally respect Toll’s efforts to be transparent, their approach has been copping a lot of flak from others. Here’s a screenshot of one such tweet:

 tweet

 

A cyber-attack limited to one organisation can be enough to cause significant financial loss, data compromise, and long-term damage. However, new research found that the average data breach affects 10 firms beyond the initial victim and that the ripple effect resulting from a cyber-attack can result in financial loss that is 13 times greater than the losses from events involving a single party.  

Container shipping company A.P. Moller-Maersk suffered a malware attack in 2017 that cost the company $300 million in lost revenue. Similarly, FedEx estimated a $300 million loss after it was hit by the NotPetya cyber-attack. If that’s how much these companies lost, consider the consequential financial costs from the ‘ripple effect’ which may approach 13 times that amount. That’s a gargantuan figure – and I shudder to think of how much damage this attack on Toll Group is going to incur on the local & global economy over the years.  

Data loss

And that’s just the financial aspect. Toll Group has repeatedly maintained that it “has seen no evidence to suggest any personal data has been lost” but in cases of other cyber-attacks, we may not be so ‘lucky’. The ripple effects of data breaches could also result in more cases of identity theft, loss of proprietary information or other strategic assets. Typically, the stolen data ends up on the dark web, making the situation even worse. 

Take Yahoo for example. The Internet service company was hit by a data breach in 2013 and originally reported that the attack compromised 1 billion Yahoo user accounts. By 2017, that figure ballooned to 3 billion. 

Is your business ready to deal with the consequences of a ripple effect?

Microsoft CEO Satya Nadella has warned that US$1 trillion is lost every year due to cyber issues. If you consider the ripple effect a single cyber-attack has on the economy, suddenly this figure isn’t such a surprise.  

What I do continue to be surprised by is the lack of proactivity from many businesses when it comes to reviewing their cybersecurity strategies. If a cyber-attack can hit Toll Group, a large, sophisticated organisation with a team of dedicated Infosec professionals, it can hit any business. Are your cybersecurity strategies evolving enough to meet the changing face of cybercrime? Or is your business a sitting duck?

And even if your company isn’t directly hit by a cyber-attack, it will be affected by the eventual ripple effects emerging from one that’s hit another company – at the very least in the form of sluggish economic growth. A real-life example is the rapidly escalating case of coronavirus. It may have begun in China, but the resultant effects of the healthcare crisis are  already leading experts to speculate that it may result in a global economic slowdown. In this case, do you have a business continuity plan that can help mitigate risks as much as possible?  

Let this attack on Toll Group be a reminder to all of us that it isn’t just an attack on the company, but on all of our businesses. Since we’re all part of an interdependent and fragile ecosystem, what negatively impacts one company is likely to have detrimental consequences on our businesses too. If we’re not prepared to deal with such cyber-attacks (either directly or indirectly), the consequences that result will be catastrophic.  

While we owe it to one another to share intelligence and learnings in the fight against cybercrime, we also have a duty to hold our supply chain and business partners to account for their endeavours to protect themselves and their data from malicious actors.  

Reach out to me or my team at the contact details below to find out how you can protect your business from cyber-attacks and the resulting domino effect.  

Get the facts

Companies are spending more on cybersecurity now than ever before, but those funds aren't always targeting the most significant dangers. There seems to be a bit of a disconnect amongst many CEOs about the sources of cyber-threat.

Studies consistently show that more than 90% of cyber-attacks are perpetrated via email, yet email security is rarely the biggest item in cybersecurity budgets.  If we’re going to win the battle against cybercrime we have to get real about the nature of the threat.

I’m on a mission to help business people understand cybercrime and protect their businesses from costly attacks. If you would like to learn more about the complex cybersecurity challenges facing business today, please download my e-book Surviving the Rise of Cybercrime. It’s a plain English, non-technical guide, explaining the most common threats and providing essential advice on managing risk.

src-banner

You can download my e-book for free, here.

“Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.” - Rob Sloan, Cybersecurity Research Director, Wall Street Journal. 

... ... ...


Craig_McDonald
Hi, I’m Craig McDonald; MailGuard CEO and cybersecurity author.
Follow me on social media to keep up with the latest developments in cybersecurity; I'm active on LinkedIn and Twitter. 
I’d really value your input and comments so please join the conversation.

 

Keep Informed with Weekly Updates

 

 

Topics: Phishing Data Privacy Ransomware brand exploitation Toll Group Ripple Effect

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all