Lion has revealed it experienced a cyber attack on Monday morning and shut down all its systems as a precaution.
The brewer said it has continued to work with cyber experts to determine how much longer its systems will be impacted.
On June 10 it reported that it had made “substantial progress over the last 24 hours in terms of diagnosis and recovery planning”.
“We are working through the impacts,” Lion said. “There is no evidence to date of any data breaches, but we are still investigating every aspect of this major incident.
“To support our customers and suppliers, we have already introduced a number of manual systems to allow us to take orders and then ship products around our networks.
“We recognise that this is not perfect and it is impacting our customers. We are doing everything possible under the circumstances.
“We have teams working around the clock to bring our systems back online safely.”
Worst time for a cyber attack
Lion said the attack could not have come at a worse time, particularly for its pub and club customers who are in the very early stages of recovery following the COVID-19 closures.
“Throughout the COVID shutdown, we were able to continue to brew beer safely, meaning we have a good supply of product for the time being,” Lion said. “In saying that, this attack has impacted crucial aspects of the brewing process. We operate multiple large-scale breweries, which are heavily reliant on IT infrastructure.”
The Sydney Morning Herald reported that workers lost remote access to the company’s internal IT system during the breach.
Shadow Assistant Minister for Cyber Security Tim Watts said: “The attacks on Toll, BlueScope and now Lion show that international cyber crime syndicates have turned their attention to Australia.
“But despite accelerating attacks, which can potentially disrupt essential services, the 2016 Commonwealth Cyber Security Strategy reached the end of its life almost two months ago and Peter Dutton still hasn’t produced a new strategy ten months after starting work on it.
“Heads of intelligence agencies, cyber experts and the Defence Department have all expressed concern about our vulnerability to cyber attack, but the Morrison Government has failed to act. It’s past time that it showed leadership.”
Cybercrime attacks have skyrocketed globally during COVID-19, fuelled by reduced levels of security as employees home isolate.
Interpol reports cybercriminals are attacking the computer networks and systems of individuals, businesses and even global organisations at a time when focus has shifted to the health crisis.
The Australian Cyber Security Centre has observed an increase in COVID-19 themed malicious cyber activity in the country, both for private businesses and government departments.
In April, for example, a major cyber-security breach at Service NSW was sparked by a phishing scam, which illegally accessed the emails of 47 staff members.
A spokesperson for the Australian Cyber Security Centre told the Australian Financial Review it had provided advice to Lion.
“Malicious cyber activity against Australia’s national and economic interests is evolving in scale, sophistication and impact,” they said.