New Zealand-based Fisher and Paykel and Japanese automaker Honda have since been targeted, with the appliance maker hit by a malware program called Nefilim and the Japanese carmaker reportedly infected by the “Snake” ransomware. The latest spate of attacks come in the wake of government department Service NSW, Toll Group and BlueScope all having their operations disrupted by cyber attacks in recent weeks.
Unlike other ransomware, Snake specialises in targeting industrial control systems. Honda announced it had temporarily suspended production at some of its manufacturing facilities following the attack on its systems, which reportedly affected plants all over the globe on Monday.
Meanwhile, the hackers behind the Fisher and Paykel began to publish corporate files on the dark web this week containing financial data like balance sheets, reviews, and budgets dating back to 2013.
Staff at Lion, which was previously known as Lion Nathan, lost remote access as a result of its attack earlier this week, which has also impacted the processing of customer orders. Late on Wednesday night, the company issued a statement saying it was “still investigating every aspect” of what it called a “major incident”, but declined to specify what type of attack it had suffered from.
“This attack could not have come at a worse time for Lion,” the company said, revealing the incident was uncovered on Monday, the Queen’s Birthday public holiday across most of Australia.
“Throughout the COVID shutdown, we were able to continue to brew beer safely, meaning we have a good supply of product for the time being,” it said.
“In saying that, this attack has impacted crucial aspects of the brewing process. We operate multiple large-scale breweries, which are heavily reliant on IT infrastructure.”
Some parts of Lion’s customer service still remain offline for its dairy and drinks business, it said, and due to the nature of fresh dairy and juice products there had been “some service misses in some customer channels” as it worked to manually key and pick orders.
“We are continuing to do all we can to ensure we can service the demand of our customers and have a team of people working with customers to assist with ordering and delivery,” it said.
“We immediately shut down all our systems as a precaution, and we have continued to work with cyber experts to determine how much longer our systems will be impacted. That said, we have made substantial progress over the last 24 hours in terms of diagnosis and recovery planning.”
“There is no evidence to date of any data breaches, but we are still investigating every aspect of this major incident.”
Meanwhile, Fisher & Paykel Appliances spokesman Andrew Luxmoore said in a statement that the attack on its business occurred last week and had impacted manufacturing and distribution.
“The attempt was identified quickly and, as a result, we locked down our IT ecosystem immediately.
“We are currently working with third-party experts to restore our systems and our ability to take and fulfil orders, as well as introducing additional security measures,” he said.
Ben Grubb is a Desk Editor/Locum Homepage Editor for The Sydney Morning Herald.