The transport company Toll Group was the victim of ransomware for the second time in three months.
Toll is a US$8.7 billion concern based in Australia but with operations worldwide.
Yesterday, the company warned customers that “it had taken the precautionary measure yesterday to shut down certain computer systems after detecting unusual activity on some of our servers.”
“Following investigations to date, we can confirm that this activity is the result of a ransomware attack. In collaboration with computer security experts, we have identified the variant as a relatively new form of ransomware known as Nefilim.”
Nefilim was flagged by threat hunter Vitali Kremez in March, when he pointed it out as a mutation of the Nemty ransomware.
Toll was hit by a variant of the Mailto ransomware in early February 2020 and decided to “immediately isolate and deactivate certain systems in order to limit the spread of the attack”.
This resulted in delays in shipments for businesses and individuals. As one of Toll's customers is Australia Post – the national postal service – parcel deliveries were among the delayed items.
By the bucolic days of February, Australia had mostly stopped burning, so these delays were a drawback for most.
With the nation in lockdown and delivery services already stretched, this incident is doubly undesirable.
Toll did not explicitly detail the impact on its services, but said, “We have been in touch with various customers affected by the problem from the start and continue to work with them to minimize any disruption.”
The company also said that this infection was not related to its last attack and that it could not find “any evidence at this stage suggesting that data was extracted from our network”.
The company will not pay a ransom either, but will instead rely on business continuity plans and manual processes that should run for an additional week.
Ransomware attacks are a reality, but they can also be prevented. While Toll has been hit by two new strains that may be difficult to defend against, $8.7 billion companies that depend on IT to track countless shipments are expected to have strong defenses. ®