Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers
By Alex Scroxton, Security Editor
Published: 12 Mar 2021 11:00
Beverage company Molson Coors, the multinational brewer behind brands such as Carling, Cobra, Sharp’s and Staropramen, has fallen victim to a cyber attack that appears to have left it unable to access an undisclosed number of systems and disrupted some of its core business activities.
The Chicago-based firm disclosed the incident – which it says took place on 11 March – in a filing with the US Securities and Exchange Commission (SEC).
Molson Coors described the attack as a “systems outage that was caused by a cyber security incident” and said it had engaged IT forensics and legal assistance to conduct an investigation.
“The company is working around the clock to get its systems back up as quickly as possible,” the firm said in its filing. “Although the company is actively managing this cyber security incident, it has caused and may continue to cause a delay or disruption to parts of the company’s business, including its brewery operations, production and shipments.”
The precise nature of the cyber attack on the company’s systems is yet to be disclosed, but unconfirmed reports from sources within the business indicate a high probability that it is a ransomware attack.
Niamh Muldoon, global data protection officer at identity and access management specialise OneLogin, said high-profile manufacturers were particularly at risk from cyber attacks of this nature. “Ransomware remains a global cyber security threat and is the one cyber crime that has a high direct return of investment associated with it, by holding the victims’ ransom for financial payment,” she said.
“On a global scale, cyber criminals will continue to focus their efforts on this revenue-generating stream. This reinforces what we’ve said before that no industry is exempt from the ransomware threat and it requires constant focus, assessment and review to ensure that critical information assets remain safeguarded and protected against it.”
Edgard Capdevielle, CEO at Nozomi Networks, a specialist in operational technology security, added: “High profile attacks are becoming all too common, as attackers have realised they are immensely more profitable when they target large organisations and disrupt their critical business operations – in this case, the brewing operations of the world’s biggest, well known beer brands.”
Although ransomware has not been confirmed in this case, Nozomi said that such an attack should always be factored into a fit-for-purpose incident response and business continuity plan regardless.
“Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions,” he said.
“Cyber security best practices such as strong segmentation, user training, proactive cyber hygiene programs, multi-factor authentication and the use of continuously updated threat intelligence, should be used to protect IT and operational environments from ransomware and other cyber attacks.”
Although ransomware has not been confirmed in this case, Nozomi said that such an attack should always be factored into a fit-for-purpose incident response and business continuity plan regardless.
“Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions,” he said.
“Cyber security best practices such as strong segmentation, user training, proactive cyber hygiene programs, multi-factor authentication and the use of continuously updated threat intelligence, should be used to protect IT and operational environments from ransomware and other cyber attacks.”
Read
more about recent cyber attacks
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology.
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers.
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online.
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers.
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online.
No comments:
Post a Comment