Security Market Segment LS
Thursday, 21 February 2019 13:04

Oh, what a feeling! Toyota Australia hit by cyber attack Featured

By
Oh, what a feeling! Toyota Australia hit by cyber attack Pixabay

Toyota Australia has suffered what it says is a cyber attack that is believed to have affected its website and mail systems.

Sections of the site are still down as can be seen from the screenshot below.

toyota webpage

The company said in a statement: "Toyota Australia can confirm it has been the victim of an attempted cyber attack.

"At this stage, we believe no private employee or customer data has been accessed.

"The threat is being managed by our IT department who is working closely with international cyber security experts to get systems up and running again.

"At this stage we have no further details about the origin of the attack.

"We apologise for any inconvenience caused and thank customers for their patience."

The company was made aware of the attack on Wednesday, according to radio station 3AW's Rumour File.

News of the Toyota attack comes on the same day that the Melbourne Heart Group was revealed as being the victim of a Windows ransomware attack.

A number of security professionals were quick to offer comment on the Toyota hack. Geoff Andrews, regional director, APAC for identity provider Ping Identity, said: "As we are commonly seeing in all industries, and reported in Mandatory Breach Notification reports from OAIC, credential abuse is one of the major vectors of cyber attack.

"At the same time, increasingly, we are also seeing API infrastructures as an attack vector, and one where exploits known to evade web application firewalls and API gateways themselves are becoming more prevalent.

"A robust security posture requires organisations of all types to have strong, continuous and adaptive authentication and authorisation as part of their strategy to keep their business data, and that of their staff, customers and partners, secure. Additional security measures should be considered for API-forward organisations."

CQR Consulting co-founder and chief technology officer Phil Kernick said the recent breaches indicated it was time for Australian business to get on the front foot with their cyber defences.

"For too long businesses have claimed that they accept the risk of cyber attack without really understanding what it means, and only start responding after their systems have been breached and their data stolen," he said.

"In 2019, this is no longer good enough. Businesses need to proactively assess and protect against increasing cyber threats. The Australian Cyber Security Centre has already provided excellent advice to Australian businesses. It’s time for Australian businesses to act."

Michael Warnock, Australia country manager of Aura Information Security, expressed surprise that businesses were still being caught by surprise.

"Given the potential for serious financial losses in the event of a cyber security breach, you might think that Australian businesses were fully on-board with doing whatever has to be done to mitigate harm. Unfortunately, that is not always the case," he said.

"While the majority of businesses have some sort of structure in place to keep the board and senior management apprised of security issues, our survey late last year found that one-fifth of Australian IT professionals report that senior managers don’t regard cyber security as a key concern.

"Buy-in from senior management is essential for any company-wide process. Complacency on cyber-security from management puts the whole organisation at risk and organisations really do need to develop processes for monitoring and managing their cyber health.

LogRhythm APAC sales director Simon Howe said the data held by Toyota was extremely valuable. "The automotive industry holds design and customer data which are extremely valuable while at the same time, the cyber threat landscape is always evolving and hackers are getting more sophisticated with their methods of attack," he said.

"We must remember that if we are using technologies such as artificial intelligence and machine learning for cyber security, so are the hackers. Organisations simply don’t have the means to block off every attack especially when hackers are targeting valuable information and the data stored and collected as they go digital.

"Instead, they should be looking at minimising the time to detect, respond and remediate a threat rather than just preventing a breach."

Sean Abbott, country manager of Australia and New Zealand for disaster-recovery firm Zerto, said: “The ransomware and cyber attacks on Toyota Australia and Melbourne Heart Group serve as a strong reminder of the importance of data protection and having an IT-resilient strategy in place.

"With cyber attacks getting bolder and more sophisticated and hitting organisations when they least expect it, businesses need to ensure that they’re able to withstand and rebound from incidents that can potentially cripple their organisation. The ability for Australian organisations to respond to service disruptions and downtime and how fast they get back up and running is key to ensuring that the business’ financial and reputation is not compromised.

"More importantly, Australian businesses need to be available to their customers 24/7 and ensure that customer confidence in the organisation continues to remain high following a disruption. When it comes to data loss, continuous data replication is critical and a system that can capture every change, every second and allow for fast recovery is crucial to an organisation.”

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments