Craig McDonald 06 February 2020 10:50:23 AEDT 4 MIN READ

Toll Group ransomware attack: Don’t let it happen to you

Like many of you, I read the news that Toll Group confirmed that it is the victim of a “targeted ransomware attack.”

I shudder to think of what the company and the people at the centre of it all are going through. Being in the cybersecurity industry for over 20 years and having personally gone through a vicious cyberattack in my previous company, my heart goes out to those people. The consequences of a disrupting attack such as this are, to put it mildly, grave. Companies can expect massive financial losses and a hit to their reputation (just check out the rapidly trending posts on social media by frustrated Toll Group customers).

Toll Group’s response to the attack, despite some media criticism, has been commendable. They became aware of the issue on Friday 31 January and, as soon as it came to light, “moved quickly to disable the relevant systems and initiate a detailed investigation to understand the cause and put in place measures to deal with it,” according to an official FAQ-styled statement from the company. The statement also included important details regarding the nature of the incident and what it means for customers. While a few media outlets have criticized them for not being more forthcoming about the attack, the transparency of their response is reassuring. Many businesses today still prefer to remain tight-lipped when their company experiences a cyberattack. By contrast, Toll Group is providing regular updates about what has happened and the measures that are being undertaken to protect their customers. By doing so, they’re demonstrating a commitment not only to protecting their customers, but also towards a collaborative cybersecurity culture, sharing their experience to raise awareness within the wider community.

[Update: A day after I wrote this, it was reported that Toll Group has also shared samples of a ‘new variant of Mailto ransomware’ with the Australian Cyber Security Centre and other researchers]

I consistently push for other companies to be more transparent about the attacks they’re experiencing because unfortunately, these stories are all too common. Cybercriminals and their techniques are advancing all too quickly and this global epidemic is crippling businesses, destroying reputations and having devastating economic repercussions everyday. Toll Group is a large, sophisticated, global organisation that is undeniably spending large amounts of money on security, with a team of dedicated Infosec professionals and partners in place to respond. If a targeted ransomware attack like this can disrupt a large organisation like Toll Group, then it can happen to anyone.

Let this attack be a timely reminder to all businesses. We need to push through the inertia of thinking we’re doing everything we can to stay safe. The onus is on all of us to consistently review our defences, our systems, our people and processes. Cybercrime is moving at warp speed. What was adequate yesterday is not today. This is something that none of us would like to personally experience.

If you would like to discuss your organisation’s cyber readiness, my team is here and ready to help. Feel free to contact us at the details below.

Get the facts

Companies are spending more on cybersecurity now than ever before, but those funds aren't always targeting the most significant dangers. There seems to be a bit of a disconnect amongst many CEOs about the sources of cyber-threat.

Studies consistently show that more than 90% of cyber-attacks are perpetrated via email, yet email security is rarely the biggest item in cybersecurity budgets.  If we’re going to win the battle against cybercrime we have to get real about the nature of the threat.

I’m on a mission to help business people understand cybercrime and protect their businesses from costly attacks. If you would like to learn more about the complex cybersecurity challenges facing business today, please download my e-book Surviving the Rise of Cybercrime. It’s a plain English, non-technical guide, explaining the most common threats and providing essential advice on managing risk.


You can download my e-book for free, here.

“Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.” - Rob Sloan, Cybersecurity Research Director, Wall Street Journal. 

... ... ...

Hi, I’m Craig McDonald; MailGuard CEO and cybersecurity author.
Follow me on social media to keep up with the latest developments in cybersecurity; I'm active on LinkedIn and Twitter. 
I’d really value your input and comments so please join the conversation.