Threat Watch

Australian Beverage Manufacturer Suffers Cyber-Attack

The Australian beverage manufacturer and distributer, Lion, has confirmed that business operations were disrupted by a cyber-attack. According to a company spokesman, the attack took place on Monday and they are still working to restore systems. The company quickly put manual workarounds in place to continue doing business, although not without difficulty. In one message sent to clients to describe an alternate method to place orders over the phone, the wrong phone number was sent, causing confused clients to end up calling a Sydney-based information security firm instead. Currently, the attack is impacting employees’ remote access to Lion’s systems and impacting locations in both Australia and New Zealand. Although Lion has not divulged the nature of the cyber-attack, a number of media outlets have been speculating that ransomware was involved.

ANALYST NOTES

Lion stated that they currently have no indications that any data breach had taken place at this time, however if ransomware was the cause of the system issues it should be treated as a data breach. Unfortunately, a number of companies fail to prepare for attacks such as these, which can result in simple mistakes. Preparation prior to a security incident can drastically reduce the time, effort, and resources expended in recovery efforts. Currently, Lion is not listed on any ransomware operator’s website, though some will wait to name victims until either the ransom demand has been refused, the deadline to pay has passed, or the attack has been made public. More information on this incident can be found at: https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12338581
Official statements from Lion are being posted at:
https://www.lionco.com/media-centre/lion-update-re-cyber-issue