Japanese beer giant Asahi has announced that it is not negotiating with the hackers responsible for a “sophisticated and cunning” ransomware attack, which has now persisted for nearly three months. The attack has forced the company to delay financial disclosures and has disrupted operations, although production is gradually resuming.
CEO Atsushi Katsuki stated at a news conference, “Even if we had a ransom demand, we would not have paid it. We have not been in touch with the attacker, so we don’t know their specific demand.” The attack, which began on September 29, targeted the systems of Asahi, the maker of the popular Asahi Super Dry beer, marking the company as the latest high-profile global corporate target.
Understanding the Ransomware Threat
Ransomware attacks involve malicious software that locks or encrypts a victim’s systems, with attackers demanding payment to restore access. Despite the severity of the attack, Asahi has refrained from disclosing the identity or demands of the perpetrators. However, the hacker group Qilin, believed to be based in Russia, has issued a statement interpreted by Japanese media as a claim of responsibility.
Katsuki remarked, “We thought we had taken full and necessary measures to prevent such an attack. But this attack was beyond our imagination. It was a sophisticated and cunning attack.” The company has had to postpone its third-quarter earnings release and has now delayed full-year results as well.
Impact on Operations and Recovery Efforts
Asahi has been working to mitigate the impact of the attack on its operations. The company announced that shipments are resuming in stages as system recovery progresses, stating, “We apologize for the continued inconvenience and appreciate your understanding.” Although output at Asahi’s 30 domestic factories was not directly affected by the system shutdown, production was halted due to the overarching company-wide issues.
Efforts to restore operations include processing orders manually to avoid potential shortages. Japanese media reported that full system restoration might not be achieved until February.
Global Context and Expert Insights
This incident is part of a broader trend of cyberattacks targeting major global brands. Recently, Indian-owned Jaguar Land Rover faced a similar challenge, seeking emergency funding after a cyberattack disrupted operations at its UK factories. In October, Japanese retailer Muji suspended its domestic online shopping service following a ransomware attack on its delivery partner, Askul.
A survey from June revealed that a third of Japanese businesses have experienced some form of cyberattack. Renata Naurzalieva, director of Japan operations at business development consultancy Intralink, commented, “Japan has always been a little bit complacent in terms of cybersecurity.” She emphasized the need for heightened awareness and investment in cybersecurity measures, stating, “It’s not the return on investment that you’re looking for, it’s, ‘can it protect my assets, can it protect my network data.'”
“High-profile cases are a terrible thing, but I do hope that it opens the eyes for the wider sector that — guys, you need to up your game,” Naurzalieva added.
Future Implications
The Asahi cyberattack underscores the growing threat of ransomware to businesses worldwide. As companies increasingly rely on digital infrastructure, the need for robust cybersecurity measures becomes more critical. Asahi’s experience may serve as a cautionary tale, prompting other companies to reassess their cybersecurity strategies and preparedness.
As the company works towards full recovery, the implications of this attack on its financial performance and reputation remain to be seen. The situation highlights the importance of transparency and resilience in the face of cyber threats, setting a precedent for how businesses can navigate such crises without succumbing to ransom demands.
