Lion has suffered a cyber attack which forced it to shut down its IT systems, causing disruption to suppliers and customers

1. Cyber attack hits Lion
June 10, 2020 by Clare Burnett
Lion has suffered a cyber attack which forced it to shut down its IT systems, causing disruption to
suppliers and customers.
Lion explained it was working hard to “minimise disruption to customers and suppliers” although it
is not yet clear what form that disruption will take.
It said that it is working with expert advisors to fix the issue, and has alerted the authorities.
“We will provide further updates when we can, and we thank our customers and suppliers for their
patience,” Lion said in a statement.

2. Its breweries have been affected with reports that production has shut down
(https://7news.com.au/technology/lion-australia-shuts-down-production-on-xxxx-gold-west-end-
and-other-brands-after-cyber-attack-c-1089337) across a number of brands.
Industry professionals, including Professor Greg Austin at UNSW (Canberra)
(https://research.unsw.edu.au/people/professor-greg-austin) who is deputy director of UNSW
Canberra Cyber, have suggested that it is highly likely that the attack is related to the acquisition
of Lion Drinks & Dairy by a Chinese corporation, and that the extent to which Lion has responded
indicates it was an extensive attack.
“Whether it’s a ransomware attack, we don’t know. But for the company to shut down its IT
operations – it’s a pretty unusual response,” Professor Austin told Brews News.
“However if the attackers are into their system and they’ve got access, they’ve locked you out and
then the only recourse is to throw away those systems and go to backup files.”
In preventing attacks, Professor Austin explained that it was a multi-front activity, and that while it
may cost Lion a considerable amount to recover, it will have other concerns regarding the breach.
“You have to build in some risk factors into your business model,” he explained.
“I suspect for Lion the repair bill won’t be too much for it to resolve, but there are reputational
risks, and information which Lion wouldn’t want out there – even IP such as beer and drink
recipes for example.”
Cyber attacks
According to the Australian Bureau of Statistics,
(https://www.abs.gov.au/ausstats/abs@.nsf/mf/8167.0) in 2017-18, 11 per cent of businesses
reported internet security incidents or breaches. It found that of those, manufacturing and
wholesale trade industries reported the most internet security incidents or breaches, with 18 per
cent affected.
Professor Austin said that due to the nature of a company’s business operations, they may feel
that they are unlikely to be targeted.
“Companies which are not banks or big finance corporations, or don’t appear to have state secrets
to hide like military arms manufacturers, are perhaps a bit less inclined to pursue cyber security to
the extent that they need to,” he said.
“I’ve no idea about the degree to which Lion set up their cyber security, but on average most big
corporations don’t invest adequately in cyber security. Attacks like this are normally a wakeup call
to corporations.”

3. However he said that spending more doesn’t mean companies are invulnerable to attacks.
“What we see is that corporations are subject to repeated attacks, spend more on cyber security
and then have another one and spend more. But companies are in a predicament because
spending more doesn’t necessarily improve it or prevent the attacks.
“It’s a dilemma about what to invest in. The second point to make, is that whether you are subject
to an attack has more to do with bad luck, rather than what you’re investing in.”
Professor Austin said that it was for most companies a lottery as to when and how they are
attacked.
However due to the timing of the Lion attack, it is very likely connected to the upcoming
acquisition of Lion Dairy & Drinks business, he said. The deal with China Mengniu Dairy Company
Ltd, which does not including Lion’s beer and brewing operations, was approved by the ACCC in
February (https://www.accc.gov.au/media-release/mengniu-deal-to-buy-lion-dairy-drinks-not-
opposed).
“In a situation where this corporation is in the middle of a takeover by a Chinese corporation, it’s
not surprising they have been subject to cyber intrusion,” Professor Austin explained.
He said it was highly likely that the attack came from a party interested in the deal, potentially
even from a Chinese-backed organisation.
“The Chinese government will have its own interests in understanding the financial viability of the
target corporation, and understanding the relationships and people involved.
“A non-Chinese agency might want to know what really is going on: who is involved in the deal; if
it is all above board; what are the motivations of some of the players.”
If the attack on Lion was a ransomware attack, then they will not be the first.
“The thing about ransomware attacks is that they’re very indiscriminate historically. In the UK the
NHS was affected by global ransomware attack in 2017 and it’s those sort of attacks that are
propagated randomly.
“However a targeted attack often comes through these email approaches, what we call a social
engineering approach – someone in the company has been sent an email with malware, opens it
and the malware infects the system.
“If that’s what happened in that case, those internal processes and training of staff are pretty
important.

4. “But research in US that suggests that even most security-sensitive industries, 50 per cent of staff
still fail to recognise phishing emails.”
Professor Austin explained that often industries which would not consider themselves a target do
not protect as comprehensively as they could.
“People in this sector probably don’t feel they are in line for a big cyber attack but those threats
are out there, same with the average user, and we can also suffer considerable damage from
attack.”
(https://eumundibrewery.com.au/)
Share this:
Category: News Tagged: cyber attack, cyber security, Lion, UNSW
About Us Contact Us Advertise
© 2020 | Website by Abepe
(https://www.brewsnews.com.au/2020/06/10/cyber-attack-hits-lion/?share=twitter&nb=1)
(https://www.brewsnews.com.au/2020/06/10/cyber-attack-hits-lion/?share=facebook&nb=1)
Related
Lion Q1 Trading Update
(https://www.brewsnews.com.au/
2013/04/27/lion-q1-trading-
update/)
Union threatens strike over
XXXX brewery jobs
(https://www.brewsnews.com.au/
2018/03/01/union-threatens-lion-
industrial-action-xxxx-brewery-
jobs/)
Lion H1 Trading Update
(https://www.brewsnews.com.au/
2014/08/07/lion-h1-trading-
update-2/)
Law change revives tap contract
debate
(https://www.brewsnews.com.au/
2020/05/07/law-change-revives-
tap-contract-debate/)
Suppliers resilient in face of
COVID-19
(https://www.brewsnews.com.au/
2020/03/23/suppliers-resilient-in-
face-of-covid-19/)
Lion acquires minority stake in
Vanguard Luxury Brands
(https://www.brewsnews.com.au/
2019/04/05/lion-acquires-
minority-stake-in-vanguard-
luxury-brands/)
April 27, 2013
In "Media Releases"
March 1, 2018
In "Featured"
August 7, 2014
In "Media Releases"
May 7, 2020
In "News"
March 23, 2020
In "News" April 5, 2019
In "News"