Security News > 2021 > March > Molson Coors Cracks Open a Cyberattack Investigation

Molson Coors Cracks Open a Cyberattack Investigation
2021-03-12 15:39

Brewing company Molson Coors acknowledged on Thursday that it has "Experienced a systems outage that was caused by a cybersecurity incident," according to a Form 8-K filed with the SEC. The company did not say which type of attack has caused widespread issues across its entire business - including its brewery operations, production and shipments - but given recent major attacks on other mainstream companies, security experts are speculating that it could have been a ransomware attack.

"High-profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations - in this case, the brewing operations of the world's biggest, well-known beer brands," observed Edgard Capdevielle, CEO at Nozomi Networks, in an email to Threatpost.

Those actions could be both on the part of Molson itself - i.e., paying the ransom, which security experts tend to discourage - or further nefarious activity by attackers, such as dumping information obtained from the attack online or maintaining a persistent presence on a system.

WestRock - the second-largest packaging company in the U.S, that counts General Motors, Heinz and Home Depot as customers - also had its business disrupted by a ransomware attack in February.

Known ransomware groups that have been linked to recent attacks include the aforementioned DoppelPaymer and Ryuk; the Clop ransomware gang, which was tied to recent global zero-day attacks on users of the Accellion legacy File Transfer Appliance product; and HelloKitty, which is suspected to be behind the attack of CD Projekt Red - the videogame-development company behind Cyberpunk 2077 - which also happened in February.

Another potential culprit for the Molson Coors attack could be related to an onslaught of attacks by Chinese and other advanced persistent threat groups on recently patched Microsoft Exchange vulnerabilities.


News URL

https://threatpost.com/molson-coors-cyberattack-investigation/164722/