18 days after the Australian transportation firm Toll was crippled by ransomware, the company is still suffering problems, and the attack continues to impact its customers. It shows that the cost of ransomware is often much higher than the ransom requested by the attackers.
Some companies choose not to pay the hackers or even communicate with them, and this is precisely what Toll has been doing. While this method might not discourage further attacks, it does send a message that organizations should resist. In fact, Australia’s Computer Emergency Response Team (CERT) recommends that people or companies not pay the ransom.
Following the attack, Toll started the difficult work of restoring the systems, but the bigger the company, the more complex the infrastructure. The company’s clients were the first impacted, and an AFR report says that Officeworks, Unilever, Adidas, and Nike are among organizations affected.
“We now have many of our customers back online and operating essentially as normal, including through large parts of our global cargo forwarding network and across our logistics warehouse operations around the world,” said a Toll spokesperson for NZME.
“For all of that, we know that some of our customers continue to be affected. We’re working with them and we’re doing everything in our power to get them moving as a matter of priority and, importantly, when it’s safe to do so.”
Toll has yet to provide a timeline for the restoration of services, and it’s not difficult to see why.
On January 31, Toll experienced one of the largest ransomware attacks in Australia, which impacted the organization at a global level. Some reports mentioned that a variation of Mailto was responsible for the infection, but there’s no official word yet.