Japanese beer giant Asahi has confirmed that it is not in negotiations with the hackers responsible for a ransomware attack that has persisted for nearly three months. During a recent news conference, CEO Atsushi Katsuki emphasized that even if a ransom demand were made, the company would refuse to pay it. “We have not been in touch with the attacker, so we do not know their specific demand,” he stated.
The ransomware attack, which came to light on September 29, targeted the company, known for its popular Asahi Super Dry beer, making it the latest high-profile victim of cybercriminal activity. In a ransomware scenario, attackers employ malicious software to lock or encrypt a victim’s systems, subsequently demanding payment for restoration.
Though the company has chosen not to disclose the identity or demands of the attackers, reports indicate that a hacker group called Qilin, believed to be based in Russia, has claimed responsibility for the incident.
Katsuki described the cyberattack as “sophisticated and cunning,” noting, “We thought we had taken full and necessary measures to prevent such an attack. But this attack was beyond our imagination.” The firm has since delayed the release of its financial results, initially postponing third-quarter earnings and now also delaying full-year results until the situation is fully resolved.
Asahi noted that while its output at domestic factories was not directly impacted by the attack, production faced challenges due to the company-wide system shutdown. Nonetheless, product shipments have started to resume in stages. The company issued an apology to customers, expressing appreciation for their understanding during this difficult period.
Last month, Asahi reported that production had resumed at six of its beer factories, and the company was processing orders manually to avoid potential shortages. However, Japanese media sources suggested that full restoration of the company’s systems might take until February.
Asahi is not alone in facing such challenges; other global brands have also suffered from similar cyberattacks. For instance, Jaguar Land Rover was forced to secure emergency funding after a cyber incident crippled operations at its UK facilities. Additionally, Japanese retailer Muji halted its domestic online shopping service earlier this month, following a ransomware attack affecting its delivery partner, Askul.
A recent survey indicated that one-third of Japanese businesses have encountered cyberattacks of some form. Renata Naurzalieva, director of Japan operations at business consultancy Intralink, commented on the situation, observing that Japan has historically been somewhat complacent about cybersecurity. She expressed hope that high-profile incidents could prompt companies to reassess their cybersecurity investments, emphasizing the importance of protecting assets and network data rather than solely seeking a return on investment.
