Toll was the only company contacted by the parliamentary inquiry that failed to rule itself out. A number of other companies hit by cyber attacks in recent years – Telstra, Optus, Atlassian, Qantas, Google Cloud and Australian Gas Infrastructure Group – said they did not believe they were the company singled out by Ms Noble.
The intelligence and security committee is reviewing proposed laws that would allow the government to declare an emergency to give agencies such as the ASD the power to forcibly plug into the networks of critical infrastructure to fend off major attacks.
In her evidence to the inquiry on June 11, Ms Noble said there were some “wonderful examples of incredible co-operation” with the ASD but she wanted to provide an example of what “bad looks like”.
“This is a real example but I’m not going to name names, that’s really important: we find out something has happened because there are media reports,” Ms Noble said. “Then we try to reach out to the company to clarify if the media reports are true and they don’t want to talk to us.
“Five days later, we’re still getting a very sort of sluggish engagement of trying to get them to provide data to us and deploy some of our tools … that goes for 13 days, this incident had a national impact on our country.
“Three months later, they get re-infected and we start again. That is the sort of scenario where this legislation actually gives us the authority through Home Affairs [to intervene].”
Toll was targeted by significant cyber attacks in February and May 2020, with the hackers gaining access to a corporate server and stealing employee and commercially sensitive information relating to clients.
The Morning Edition newsletter is our guide to the day’s most important and interesting stories, analysis and insights. Sign up here.