Cyberattack Against Molson Coors Impacts Brewery Operations, Production, and Shipments
The wave of big-name companies falling victim to disruptive malware attacks is showing no signs of slowing down with beverage conglomerate Molson Coors Beverage Company announcing on Thursday that it was recovering from an incident that severely disrupted its production operations.
The company’s disclosure of the incident, believed to be a ransomware infection, was contained in an 8K filing with the Securities and Exchange Commission (SEC) that discusses an “a systems outage that was caused by a cybersecurity incident.”
Molson Coors, makers of popular beer brands in the U.S., confirmed the malware attack has caused delays and disruptions to parts of the business handling brewery operations, production, and shipments.
The company produces several iconic beer brands including Coors Light, Miller Lite, Molson Canadian, Carling, Coors Banquet, Blue Moon and others.
The company said it was “actively managing” the incident through an engagement with leading forensic information technology firms.
“[We are] working around the clock to get its systems back up as quickly as possible,” the company said in the filing.
The company did not provide technical details of the incident.
The Molson Coors Beverage Company’s problems with ransomware mirror similar attacks that have resulted in production being disrupted for a manufacturing company. Earlier this month, French boat maker Groupe Beneteau fell victim to a cyberattack that forced a production shut down for several days. Last month packaging giant WestRock said a ransomware incident impacted the company’s information technology (IT) and operational technology (OT) systems.
“High profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations – in this case, the brewing operations of the world’s biggest, well known beer brands,” Edgard Capdevielle, CEO at Nozomi Networks, told SecurityWeek.
“While the company hasn’t released details, this scenario could be ransomware and this type of situation should be factored into an organization’s incident response and business continuity plan,” Capdevielle continued. “Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions. Ransomware threat actors typically rely on spear phishing links or vulnerable public services to gain initial entry into a network. Afterward, they move laterally to gain access to as many nodes of the network as possible, allowing them to increase the magnitude of the disruption.”
Last summer beverages company Lion, a major supplier of beer and milk in Australia and New Zealand, was hit by a ransomware attack that caused disruptions to manufacturing processes and customer service.
Japanese car maker Honda was also hit by ransomware last summer, which impacted production operations at some plants in the United States.
Tech firms have long issued warnings that industrial control systems that power manufacturing plants and utilities are prime targets for ransomware attacks. In a December 2020 report from IBM and industrial cybersecurity firm Dragos, researchers noted that ransomware attacks against industrial entities jumped more than 500 percent over the last two years.