Pictured: a Molson Canadian facility, as viewed from Old Montreal. (Eternalsleeper at en.wikipedia, CC BY 3. https://creativecommons.org/licenses/by/3., by means of Wikimedia Commons)
Molson Coors these days reported that it has knowledgeable a units outage caused by a cybersecurity incident that has delayed and could continue to disrupt areas of the company’s business, which includes its brewery functions, generation and shipments.
Though the buzz all around the security industry was that the firm experienced a ransomware attack, Molson Coors did not validate the nature of the cyber incident.
The Chicago-dependent brewer, finest recognised for Coors Light-weight and Miller Light-weight and several other legacy beer manufacturers, mentioned in a Kind 8-K filing that it has hired a major forensic details technology company and legal counsel to assist the business look into and remediate the incident and get its devices again up.
Specified the spherical-the-clock mother nature of operations at food items and beverage businesses, a great deal of the IT gear in production vegetation just can’t get patched routinely, making these functions a primary target for assaults, stated Grant Geyer, main product officer at Claroty. Geyer reported new Claroty research found that the foodstuff and agriculture sector has noticed a 56 % increase in industrial manage program (ICS) vulnerabilities from 2019 to 2020, soon after observing no improve from 2018 to 2019.
“What’s distinct is that industrial functions are now a aspiration focus on for cyber attackers in search of economic obtain,” Geyer mentioned. “One extra distinctive and about aspect of the food stuff and beverage marketplace is the pretty wide established of 3rd-party automation suppliers that retain internet site-to-website access straight into the operational technology natural environment for upkeep. These connections have amazingly minimal identification and access management controls and even much less – if any – session monitoring and recording. With so many potential OT entry points, attackers really do not even need to transit the IT/OT boundary to wreak havoc.”
Craig Lurey, CTO and co-founder of Keeper Security, noted that this incident demonstrates how cyberattacks in an natural environment such as this “can wreak havoc throughout an whole source chain – impacting operations, creation and even shipment… These amenities continue on to be vital targets [of] risk actors who are in search of to steal beneficial electronic IP or manipulate controls – and ransomware is a relatively speedy and uncomplicated way to do this. In a case like this, educating the to start with line of protection, employees or plant operators on ideal apply about passwords and endpoint security across the total knowledge setting is very important to stay clear of a problem like this in the future.”
Some parts of this article are sourced from:
www.scmagazine.com