Skip to main content

Ransomware: International shipping firm grappling with attack

Yet another ransomware attack is causing huge problems for the company on the receiving end.

This time, Australia-based shipping firm Toll Group is scrambling to get its systems back up and running after succumbing to a malicious attack on Friday, January 31.

Ransomware works by locking down a computer system, with a financial payment to the hacker usually the only way for the victim to regain access to their data. The malware is usually delivered via a link in an email attachment, or via an infected website.

Toll, which employs 40,000 people globally, revealed on Monday that a “cyber security incident” had forced it to “deliberately shut down a number of systems across multiple sites and business units” to limit the spread of the attack.

But it wasn’t until Tuesday that Toll confirmed ransomware as the cause.

Sources claiming to have knowledge of the incident told ITNews that staff at Toll’s offices around the world were ordered to disconnect their computers from the corporate network before powering them down.

Toll: “Working around the clock”

The Melbourne, Australia-based company insisted that it is “working around the clock” to get on top of the situation, but added that some of its customers “are experiencing delay or disruption.”

Toll said that for parcels, its processing centers are continuing to operate as usual for pick-up, processing, and dispatch “albeit at reduced speed in some cases.” It added that with some of its computer systems still down, most of its other operations have had to switch to manual systems.

The company said that its investigations so far suggest that no personal data was stolen in the incident.

The level of damage caused by a ransomware attack depends partly on whether the victim — which can include individuals as well as businesses — has a system in place to back-up data on a regular basis. Some victims without such a system face losing all of their data unless they pay the ransom.

Ransomware attacks are growing in number, with large organizations being increasingly targeted. The disruption caused by such attacks can result in untold harm to a business. Take Travelex. The world’s largest retail currency dealer is still recovering from a ransomware attack that took place five weeks ago, with its online travel money service still unavailable to customers.

We’ve reached out to Toll Group to find out more about how it’s dealing with the incident and will update this article when we hear back.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers are scoring with ransomware that attacks its previous victims
businesses and cyber security firms are coming up with creative ways to fight hackers laptop hacker

Hackers are targetting computers with ransomware that scours a previously infected network in order to pinpoint and attack and enterprises with big money. Named "Ryuk," the ransomware has been around since 2017, but only recently, in mid-2018, has there an uptick in successful attacks, according to research done by the security experts at FireEye.

Upward of $3.7 million in Bitcoin has been acquired by hackers leveraging these attacks, which first infects victims PCs with a "Trickbot" trojan, and then subsequently the "Ryuk" ransomware. As part of the process, after sending a payroll phishing email and tricking victims into opening it, the hacker is able to use the"Trickbot" trojan and scour the victim's network and files to determine if the target is worth infecting with a subsequent attack via "Ryuk."

Read more
Millions of health records may be at stake in ransomware attack
A hacker inputting code into a system.

Millions of patient health records may be at risk after LabCorp, one of the largest medical diagnostics companies in the United States, discovered that its systems had been breached during the weekend of July 14. After detecting suspicious activity on its network, it took immediate action to take parts of its system offline, LabCorp revealed in a filing with the Securities and Exchange Commission (SEC).

“This temporarily affected test processing and customer access to test results on or over the weekend,” LabCorp said in its SEC 8-K filing. "Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored through the next several days. Some customers of LabCorp Diagnostics may experience brief delays in receiving results as we complete that process.”

Read more
Facebook celebrates historic and modern women alike on International Women’s Day
facebook international womens day 2018 fb shemb standard qp mockup v2

March 8 is International Women’s Day, and Facebook is choosing to celebrate both historic women and today’s females. In what was the most-talked-about day on the social network last year, Facebook will both celebrate women and history and boost modern women through a new tool for entrepreneurs, the #SheMeansBusiness Community Finder. Facebook joins other tech companies, including Google, launching new female-focused features for the global celebration.

Facebook users today will see a celebration of women in history through a Credit Her campaign, a move designed to give credit where credit is due on historic female firsts, from Billie Jean King to Big Momma Thornton. The campaign video will be available for views and shares at

Read more