“The managing director of logistics giant Toll Group has warned other CEOs they must expect to suffer the horror of a major cyber attack.”1
The Australian Financial Review, 10 March 2020
In February 2020, Toll was forced to shut down key systems – including online bookings – for three weeks after being attacked by a strain of the Mailto ransomware.2
The fallout was immediate and savage: frustrated customers vented on social media and the financial press devoted extensive coverage to the business impacts.
Also in February, security concerns shut down the Australian Defence Force’s outsourced recruitment records system for 10 days.3
On New Year’s Eve 2019, global currency exchange Travelex discovered it was infected by Sodinokibi ransomware, keeping vital services offline until well into January.
Hackers infiltrated the Australian National University’s IT systems in mid-2018, with another attack later that year, potentially compromising Australia's leading national security college and key defence research projects.4, 5
Analysis of these incidents makes it clear: malicious attacks are growing increasingly sophisticated, they don’t discriminate by sector, and they cause significant disruption. This includes loss of productivity and customer service as well as reputational damage.
Organisations need to keep their prevention, protection and detection systems and capabilities up to date.
More crucially, these attacks have highlighted the importance of recovery planning. In the event of an attack, organisations need to keep operating and minimise business impacts.
What can you do?
Every organisation needs a robust and up-to-date Business Continuity Plan that includes contingency for significant business system failures.
Your Business Continuity Plan must be fit for purpose, include a comprehensive IT disaster recovery module, and be adequately tested to ensure it is effective.
For a confidential discussion, please contact our Managing Director Phil O'Toole.
1.'It will happen to you': Toll chief opens up on cyber attack, The Australian Financial Review, 10 March 2020
2.Toll close to restoring key service three weeks after cyber attack,The Australian Financial Review, 24 February 2020
3.Fears private details of Defence Force members compromised in database hack, abc.net.au, 4 March 2020
4.Chinese hackers breach ANU, putting national security at risk, Sydney Morning Herald, 6 July 2018
5.ANU data breach: How hackers got inside Australia's top university, The Canberra Times, 2 October 2019