Security Market Segment LS
Wednesday, 06 May 2020 09:09

Toll hit by Windows ransomware again, some systems taken offline Featured

Toll hit by Windows ransomware again, some systems taken offline Image by pasja1000 from Pixabay

Transport and logistics provider Toll Group has suffered a Windows ransomware attack, the second this year, with the malware in question being Nefilim.

In a statement released on Tuesday, Toll said it had shut down some of its systems as a precaution.

The company said it would not entertain the idea of paying a ransom to extricate itself from the situation.

It claimed that there was no evidence to show that any data had been exfiltrated from its network.

Like a number of other ransomware groups, the people behind Nefilim hold out the threat of leaking a victim's data within seven days of the breach if the ransom is not paid.

In February, Toll was hit by ransomware known as Mailto.

"We are in regular contact with the Australian Cyber Security Centre on the progress of the incident," the Toll statement said.

"Toll’s priority is the safety and security of our customers, employees and vendor partners and, to that end, we have business continuity plans and manual processes in place to keep services moving while we work to resolve the issue. We expect these arrangements to continue for the remainder of the week.

"We have been in contact from the outset with various customers impacted by the issue and we continue to work with them to minimise any disruption."

Commenting on the incident, Mark Sinclair, ANZ regional director for security outfit Watchguard Technologies, said it was unusual to see a company get hit by ransomware twice in a fairlys short period.

"Nefilim features the added threat that sensitive data may be released by the attackers if the ransom is not paid," he said. "This is a step up in the battle against ransomware and it is a strong reminder to businesses that prevention is much better than a cure.

"Stopping ransomware in the first place should be a priority. This includes having technology protections such next-gen firewalls, advanced endpoint protection and multi-factor authentication but also ongoing user awareness training.

"Users are often overlooked, but awareness training can be one of the most effective mitigation strategies."

Mark Perry, Asia-Pacific chief technology officer with PIng Identity, said: "The threat from ransomware attacks is increased when many workers are operating from non-office environments, perhaps on non-company supplied devices.

"For organisations, this way of working will become the new normal, and IT departments need solutions that not only mitigate the risks, but are fast to deploy and easy to maintain.

"Multi-factor authentication that uses a risk-based approach to user login and authorisation is a 'quick win' for many organisations in the fight against attackers.

"Using the data available from a user's smartphone, rogue requests for access to applications, devices and data can be matched against previous usage, and obvious anomalies, like a request from overseas 30 minutes after a successful local login, can be blocked, and security systems notified."

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News