Major Australian Logistics business (Toll Group) Ransomware - Compromised

UnixGuy

This seems to be the biggest compromise of an Australian business of this size:

https://www.afr.com/technology/toll-faces-customer-fallout-after-cyber-attack-20200214-p540s2

I stopped being surprised about a decade ago, but what do you all think?

Hawk321

Well, I've seen so much **** in the IT....so much !!!!
I'm shocked how bad many admins are and how naive developers are (hey we place everything in K8S, our vm structure was a mess, but now we are fancy).

It is not problem for me, that many IT folks don't have a deep knowledge about a particular topic ... I've a problem when IT folks can't do even the basics like documentation, to organize and/or to use common sense like --> we run a webserver,...so RTFM

Same goes for Email Malware...Email AVS, GPO's or just a controlled policy that forces EVERY user to rather skip an email and ask for help/2nd opinion before clicking on something like "validfilename.docx.exe"

UnixGuy

I'm just wondering if those breaches will lead raising the standards of hiring security professionals? all the way from analysts to CISOs...that's just my wishful thinking

Hawk321

Nah...eventually they try to hire a Phd in CYBER security to defend them self from evil CYBER ruskies ....and if this does not work, they jump on the next hype to get a better CYBER awareness .