Toll Group cyber-attack shows the need for resilience to combat Black Swan risk

Toll Group suffered major disruption to its operations as a result of a ransomware attack which hit its IT systems on Friday, February 3rd. Toll’s actions were to “isolate and disable some systems” which left the company operating manually in certain locations and business units, while other services continued at reduced speeds and several customer-facing apps were taken offline.

As the attack was discovered, Business Insider reported systems in Toll’s home Australian market, as well as the Philippines and India, were affected. MyToll – the Group’s freight booking platform that also tracks shipments – was taken offline, with manual workarounds put into place. It was also widely reported that while e-fulfilment centres remained operational, processing speeds and volumes were greatly reduced.

Toll revealed during the disruption that it had been the target of a ransomware attack. It also said it would be concentrating on the restoration of services and not paying the hacker’s demands. No personal data was compromised and by Wednesday 5th February, Toll said that as a result of its business continuity measures, “many of our customers are now able to access our services across large parts of the network globally including freight, parcels, warehousing and logistics, and forwarding operations.”

The attack is the latest in an increasingly long list of cyber threats logistics companies have faced in the last few years. Back in 2017, the NotPeyta attacks affected companies across sectors. Maersk and FedEx, via TNT Express, were hit severely. Both put the costs of the attacks at around $300m when lost revenue, fixes and associated one-off costs were accounted for.

The latest attack is pertinent for those considering supply chain risk for a number of reasons. Narrowly defined, the events at Toll, FedEx and Maersk highlight that technologies also bring their own risks. Increasing reliance on technology leaves supply chains more open to cyber-attacks as data becomes more freely available. Maintaining robust security will be ever more critical.

Indeed, the threat of cyber-attacks has been high on the risk radar for several years. Back in 2018, the World Bank’s Logistics Performance Index ranked cyber threats as the third most significant risk to supply chains globally. At the time, Ti wrote “with a significant increase in the scale and severity of malicious cyber activity globally in the past few years, it should come as no surprise that more countries perceive cybersecurity threats a risk to logistics. When we take a look at the recent cyber-attacks of including at Maersk and FedEx, it becomes evident that logistics businesses have specific vulnerabilities which make it all the more important for them to defend their operations from cyber threats. Whilst the impact of cyber-attacks on logistics operations is recognised across both developed and developing countries, high-income countries are more likely than low-income countries to be increasing their preparedness for cyber threats. That cybersecurity safeguarding efforts are not high on the agenda of low-income countries should come as no surprise given that they have to deal with more pressing issues to boost their national competitiveness, such as improving infrastructure for instance.”

More widely, the threat of cyber-attacks highlights the threats of so-called Black Swan events, the ‘unknown unknowns’ of risk. Such ‘high impact low probability’ events which cannot be foreseen but which change the understanding of the market when they occur, highlight the need for supply chain resilience. Just because high impact low probability events – the Black Swans – cannot be predicted does not mean supply chains should not prepare for them. Rather than look into the past for insight, future supply chain managers should instead identify weaknesses in their operations. Resilience must be risk agnostic. Addressing vulnerability is the best way to mitigate the impact of any disruption from whichever source.

Source: Transport Intelligence, February 6, 2020

Author: Nick Bailey


Get the latest logistics news and high level analysis delivered straight to your inbox:

  • Create a password
  • By clicking submit you consent to creating a Logistics Briefing account