Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
Business
Michelle Tapper

Black and White Cabs booking service offline after cyber attack

A cyber attack on Black and White Cabs has shut down the company's phone and online booking system.

Suspicious activity was detected by staff on Wednesday morning and a "serious threat" to the company was determined in the afternoon.

Black and White Cabs has confirmed that a CryptoLocker virus has infiltrated its network security, and it has reported the attack to the Australian Cyber Security Centre.

Managing director Greg Webb said cyber experts and the company's IT team were conducting a forensic investigation.

"Our ongoing investigation continues to show no evidence that any customer data has been accessed from our IT environment," he said.

"We take the protection of customer information very seriously, and this remains a high priority."

Mr Webb said additional security measures had been implemented to protect the private information of customers as the investigation continued.

It is not clear when the booking service will resume.

"Unfortunately, the restoration of our systems is still a while off as we do not wish to resume operations when there is any doubt that the virus is not yet contained," Mr Webb said.

"While we conduct our investigation, we have temporarily taken some of our customer-facing systems offline. Our team is contacting customers and account holders to keep them informed."

'The price of being online'

Cybersecurity Professor at Monash University, Nigel Phair told ABC Radio Brisbane the hackers would have seen the cab company as "fair game".

"This is a standard scenario happens I hate to say it, day in and day out, to organisations globally, and it is just the price of being online, if you do not invest sufficiently in cyber security controls," he said.

He said the hackers likely gained access by a "phishing attack" through a link attached in fake email or text message.

"That link has downloaded an executable file onto the system," Professor Phair said.

"And that file has made its way through the system and encrypted the contents of the network, and that's why they can't gain access to it anymore."

He said the hackers would have followed up the attack with a ransomware demand, most likely asking for payment in Bitcoin or some other cryptocurrency.

"But just because you [pay] does not mean you get access to your networks back or any stolen database," Professor Phair said.

"Sometimes you might get partial access back, sometimes the criminals might say, 'Look, since you pay that once you can pay up again'."

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.