What just happened? Ransomware attacks have crippled hospitals, schools, and even a US fuel pipeline. Now, the same kind of cybercrime is threatening something as ordinary as beer. The disruption at Japan's largest brewery is a reminder that ransomware can upend everyday life and that the global fight against cybercrime is far from over.
Asahi, Japan's largest brewery, recently confirmed that it paused operations after a breach of its IT systems. Retailers now warn that the country's most popular beer, Asahi Super Dry, could run out within days.
The company, which is withholding some details for privacy reasons, said the cyberattack struck on Monday and forced it to suspend orders, shipments, and customer service. While some information was extracted, Asahi said no customer data is at risk and that the disruption is limited to Japan. The company added that its internal investigation is ongoing and that details could change.
It is unclear when full service will return. Past Japanese ransomware victims have taken more than a month to recover. In the meantime, Asahi has resumed some orders using analog systems, with customer service expected to restart next week.
Because most of Asahi's 30 factories in Japan have been offline since Monday, convenience stores and bars worry Super Dry could run out within two or three days. Although rival brewers may attempt to fill the gap, many customers remain loyal to Asahi's flagship brand.
Also see: How to defend against ransomware - essential mitigation strategies
The incident recalls one of the most infamous ransomware attacks in recent years: the 2021 Colonial Pipeline breach by the Eastern European group DarkSide. As in the Asahi case, the pipeline itself – supplying nearly half of the East Coast's fuel – was not physically affected, but operators suspended orders after being locked out of IT systems.
Ransomware attacks have reached record levels and become more dangerous in the years since, as targeted companies have continued to pay cybercrime gangs millions.
Law enforcement agencies in the US and UK shut down the LockBit ransomware developer's operations earlier this year, but the group recently reemerged with a new, more versatile version of the malware. Japanese companies, more than 200 of which were targeted last year, have become increasingly attractive to attackers due to outdated security protocols and a tendency to quietly pay ransoms.
Experts recommend that companies defend against ransomware by keeping secure backups, segmenting networks, training employees to spot scams, and responding quickly to breaches.
Following cyberattack, Japan is days away from running out of country's favorite beer
