Toll Group probing new ‘Nefilim’ ransomware attack

Second attack this year unrelated to original, company says

Toll Group probing new ‘Nefilim’ ransomware attack
Toll has been the victim of two ransomware attempts in 2020


Not long after recovering from a ransomware attack that impacted its IT systems for more than a month, Toll Group has fallen foul of a second wave.

The matter surfaced after users first noticed an error message on the mytoll portal, alongside disrupted communications with the firm.

In a statement, Toll confirms it is dealing with a ransomware attack and took the precaution yesterday of shutting down certain IT systems, after it detected unusual activity on some of its servers.

"As a result of investigations undertaken so far, we can confirm that this activity is the result of a ransomware attack," a spokesperson says.

"Working with IT security experts, we have identified the variant to be a relatively new form of ransomware known as Nefilim.

"This is unrelated to the ransomware incident we experienced earlier this year."

How Toll's ransomware attack sent ripples through the transport world

Toll says, as in the first instance, it has no intention of engaging with any ransom demands, and there is no evidence that any data has been extracted from its network.

"We are in regular contact with the Australian Cyber Security Centre (ACSC) on the progress of the incident.

"Toll’s priority is the safety and security of our customers, employees and vendor partners and, to that end, we have business continuity plans and manual processes in place to keep services moving while we work to resolve the issue."

At this state it forecasts current arrangements to continue for the remainder of the week.

"We have been in contact from the outset with various customers impacted by the issue and we continue to work with them to minimise any disruption."

It comes amid the recent departure of chief information officer (CIO) Françoise Russo to gambling entertainment firm Tabcorp.

She joined in 2016 and oversaw a $400 million IT transformation program to modernise Toll's systems.

"Today we welcomed our new Chief Information Officer (CIO), Françoise Russo, to our executive leadership team. We’re excited to have Françoise on board to lead our technology team," Tabcorp says in a short statement.

Toll says King Lee is the new CIO, arriving from General Electric (GE) in March.


You can also follow our updates by joining our LinkedIn group or liking us on Facebook


Trucks For Hire | Forklifts For Hire | Cranes For Hire | Generators For Hire | Transportable Buildings For Hire