Australian based Managed IT support offices in Melbourne, Sydney and Brisbane
Powernet Colour a VITG Company POS

Everything You Need to Know About Toyota's Cyber Attack

In a statement released on the 29th of March 2019, Toyota announced they had been hit by an attempted cyberattack, that potentially affected 3.1 million people. 

What Happened? 

Back in 2019 Toyota fell victim to several attempted cyberattacks, these cyberattacks came during a time when their IT systems were in a 'vanilla' stage, being built and were incomplete. Toyota was in the process of rebuilding its IT support systems and management databases when the attacks hit.

Toyota was also in a transition phase between IT support providers, moving from a basic provider to a more suitable provider. Unfortunately, their central list of IT assets and how they were interconnected - was under repair when attackers struck.

“We had a pivotal moment a few years ago, where we had a cyber incident, and we had to proactively pull down our network essentially and rebuild,” said Michael Mirabito, IT Infrastructure Manager at Toyota.

“I won't talk about those times, because I remember the long days and lack of sleep. We did a really good job from an IT perspective to get it up and running really quickly but it was painful."

“And I can tell you now, it made us realise how important the CMDB (IT helpdesk systems and configuration management database) is. We wished that we had a better CMDB at that point because it would have made that rebuilding process better".

“Unfortunately, because we didn't, we had unknown infrastructure out there, we had apps and services that we didn't know how they connected together, and knowledge within the business had been lost over time."

“We had to just scramble at that point and work as well as we could together to rebuild and get the information that we needed.”

In their recovery, Toyota implemented a software asset management (SAM) platform to keep track of paid licences and to challenge users whose licences sat unused for an extended time.

“We could immediately see who was using licences and who wasn’t, and more importantly we could see that people hadn't used licences in two years, yet we were still paying for it,” Mirabito said.

“We also identified software that people shouldn't have even had on their machines, and we were able to immediately save money because we removed licenses that weren't being used.”


Toyota's recovery led their IT support team to servers they didn’t know existed, and to repair systems that had been long-forgotten by the people that originally set them up.

The Importance of Documentation & Systems Maintenance

IT support administrators often groan at the thought of documentation, while it can be a monotonous task, the role the lack of documentation played in Toyota's cyber breach is a good example of why it is vital. How can you protect your IT assets if you don't know what assets you have?

Keeping your systems maintained, patched and up to date is a low-cost way of bolstering your cybersecurity. Hackers can quite easily exploit systems that aren't maintained, so it is important to stay on top of your patching. The recent zero-day vulnerability in Apple devices is a good example of this.

What is a Cyber Breach?

It is considered a cyber breach when part of your business is accessed unlawfully. This could be an ex employee logging in, or a hacker gaining access to your systems.

Notification Requirements

If you have a cyber breach you may be legally required to notify the Australian government. Failure to notify can result in fines of $360,000 for individuals and $1.8million for businesses.

It's important to have the right measures in place to identify if you have had a breach, and if you do, what steps to follow to notify the right parties.

We recommend creating an Incident Response Plan for your business, your company lawyer, IT support team and leadership teams should be involved in the developing the plan. Once it is created we recommend doing a practice run so in the event that you do have a breach, you are well prepared to invoke your plan. 

Check out our free template to get started.

How Can I Protect Myself?

For individuals, there are a lot of things you can do that don't require a lot of investment. Most computers today come with the ability to encrypt, check out our guide on how to set up encryption. Choose an anti-virus platform that is right for you, and has extra features, check out our guide to buying the right antivirus.

Turn on two-factor authentication for your social platforms - Twitter, Tik Tok, Instagram, Facebook, LinkedIn, Gmail.

Use strong & different passwords for all of your accounts and remember them by using a password manager like LastPass.

Besides the technology read through the government's little black book of scams to get familiar with what a scam email or website could look like. Your best defense is arming yourself with the knowledge of how to identify something malicious. 

How Can I Protect My Business?

Education and proactive prevention are key. Ransomware commonly enters a business through malicious emails so, having an email filtering and ‘containerisation’ platform in place is step one.

Ensuring you are in compliance with the Australian Government's ASD Essential 8 security recommendations is your first step. We have a cybersecurity team that was built with the ASD Essential 8 principles at it's core and would love to secure your business.  

Technology is advancing all the time and there are some relatively inexpensive and 'quick wins' you can implement to be protected:

- Audit and create a list of all your business applications, and their security features (you can use this template to get the job done)

- Foster a cybersecurity culture in your business

Turn on encryption for all of your computers 

- Educate your team on how to identify a scam

Get familiar with the ASD Essential 8

- Follow these 5 steps to stay safe online

- Check out this post on keeping your remote workforce safe

- Talk to us about dark web scanning

- Check your insurance to see if you have cybersecurity insurance included

Cybersecurity is talked about a lot today, and for a good reason. It can be really easy to fall victim to a cyberattack, it's not just big companies that are targeted. Your best defence is education and awareness, with technology as your backup, knowing how to identify something malicious is the best way to keep you and your business safe online. 

Our cybersecurity team across Melbourne, Sydney and Brisbane can help you assess whether you have the right measures in place, and what else you can do to stay safe online, get in touch to learn more. 

Subscribe to our newsletter for the latest technology tips & tricks.

Recent Articles

Tags

Categories

Search the Powernet blog

How to delete a whole page in Microsoft Word

How to delete a whole page in Microsoft Word

If you want to remove that stubborn blank page at the end of your report or delete a page containing […]

Read more
How to Unsend an Email in Outlook

How to Unsend an Email in Outlook

How to Unsend an Email in Outlook “Have you ever experienced that sinking feeling in your stomach after accidentally sending […]

Read more
Customise Google Chrome with Colours and Themes

Customise Google Chrome with Colours and Themes

We all spend a great deal of time in our internet browser, searching, googling, so it makes sense to not […]

Read more

We are well awarded

Reach our team

We’re always happy to help you find the right solutions to your IT and technology needs. Here are some ways to contact us.

Give us a call

Chat with our team to discover the best IT solutions for your organisation.
1300 892 692

Our locations

Melbourne CBD

Level 15 / 565 Bourke Street, Melbourne VIC 3000

Eastern Melbourne

Level 2 / 74 Doncaster Road, Balwyn North VIC 3104

Geelong Region

East 4/13-35 Mackey Street, North Geelong VIC 3215

Sydney

U18 / 23-31 Bowden Street,
Alexandria NSW 2015
(02) 8214 8855

Brisbane

7/9 Archimedes Place, Murarrie QLD 4172

Send us an enquiry

This field is for validation purposes and should be left unchanged.

cross