Lion has given an update on the cyber attack and IT system outage that it is currently experiencing, revealing it has been caused by ransomware.
The ransomware targeted Lion’s computer systems. In response, it immediately shut down key systems as a precaution.
“Our IT teams and expert cyber advisors are working around the clock, investigating the issue and assessing how long the impacts will continue,” Lion said.
“Our focus is on bringing systems back online safely so we can resume our business as usual manufacturing, and customer services. This is taking some time, but it is necessary that we work through this properly.”
Impact on Lion’s operations
Lion said its teams are working as hard as they can to service customers and suppliers, implementing new manual processes and investigating all alternative options.
“We recognise this is imperfect and is causing disruption to our valued partners,” the brewer said. “We also recognise this is happening at an unfortunate time as we emerge from COVID-19 restrictions.
“Throughout the COVID-19 shutdown, we were able to continue to brew beer safely. We had stock at hand and were gearing up to increase brewing. This attack has delayed those plans, and because of the situation we have limited visibility of our products. We’re working to bring our breweries back online as soon as possible. In the meantime, we will be managing our stock levels very closely and may see some temporary shortages.
“We apologise in advance to our customers and consumers and ask for their patience as we do what we can to get back to normal supply levels.”
Lion’s recovery efforts
Lion said it had been hoping to have full access restored by now, but unfortunately the process is taking longer than it had hoped.
“There is no evidence that any of the information contained in our system (including financial or personal information) has been affected but this is something that we will review closely as we continue to investigate the incident,” Lion said.
“We have notified the authorities of the incident; and we will work alongside the relevant government authorities, law enforcement agencies and privacy regulators, as required.”
Interpol reports spike in cyber attack issues
Interpol reports cybercriminals are attacking the computer networks and systems of individuals, businesses and even global organisations at a time when focus has shifted to the health crisis.
Interpol lists the following types of cyber attack –
Malicious domains: There are a considerable number of registered domains on the Internet that contain the terms: “coronavirus”, “corona-virus”, “covid19” and “covid-19”. While some are legitimate websites, cybercriminals are creating thousands of new sites every day to carry out spam campaigns, phishing or to spread malware.
Malware: Cybercriminals are taking advantage of the widespread global communications on the coronavirus to mask their activities. Malware, spyware and Trojans have been found embedded in interactive coronavirus maps and websites. Spam emails are also tricking users into clicking on links that download malware to their computers or mobile devices.
Ransomware: Hospitals, medical centres and public institutions are being targeted by cybercriminals for ransomware attacks – since they are overwhelmed with the health crisis and cannot afford to be locked out of their systems, the criminals believe they are likely to pay the ransom. The ransomware can enter their systems through emails containing infected links or attachments, compromised employee credentials, or by exploiting a vulnerability in the system.