Australia and New Zealand’s largest drinks manufacturer, Lion, was hit by a ransomware attack on June 9th. As of Monday June 15th, systems were still ‘partially down’.
Per Lion: “Our investigations have shown that a partial IT system outage at Lion is a result of a ransomware attack. In response, we immediately shut down key systems as a precaution. We have made good progress, however there is still some way to go before we can resume our normal manufacturing operations and customer service.”
With the stoppage stretching into a seventh day, the case highlights how quickly an operational disruption-oriented breach can negatively impact a company. Within a day, the brewer and bottler—not typically what one thinks of as a technology company—was reporting an inability to deliver product on time as a result of its partial IT shutdown.
Per the company: “Throughout the COVID-19 shutdown, we were able to continue to brew beer safely. We had stock at hand and were gearing up to increase brewing. This attack has delayed those plans, and because of the situation we have limited visibility of our products.”
The attack succeeded in disrupting operations in a way that even the pandemic didn’t. Poor cyber governance increases the probably of successful ransomware attacks. This was on display last week with Honda. Conversely, good cyber governance lowers the probability of such an attack.
This disruption comes at a difficult time for a company that was already working to limit the downside impact as a result of the pandemic. The management of technology matters more today than ever, for every company, even a brewer.