Here we go again. Another multi-billion-dollar company has found itself as the target of a cyber-attack. It seems that these stories are becoming all too common lately. This time it was one of America’s largest beer makers, Chicago-based Molson Coors Co. Molson Coors is America’s second-largest beer producer second to Anheuser-Busch. Molson Coors brews its namesake brands Molson and Coors, as well as Miller, Blue Moon, Leinenkugel’s, Redd’s Hard Apple, and Topo Chico Hard Seltzer.
So, what exactly happened and why did a beer maker get attacked? In short, hackers forced the maker of Coors to stop making beer and halt production completely. Molson Coors experienced a systems outage that was caused by a cybersecurity incident leading to a variety of issues for the company, including brewery operations, production, and shipments.
Unfortunately, it’s become more common for cybercriminals to target high-profile organizations like Molson Coors. Brewing and alcohol companies are under attack. Similar enterprises that have fall victim to cyber-attacks this past year include Brown-Forman, Australia’s Lion, and Italy’s Licya Campari Group. There have been several high-profile cybersecurity incidents lately. Hundreds of thousands of Microsoft Exchange users around the world were targeted as part of a Chinese-linked hack.
Cost of Downtime
Downtime related to a cyber-attack can cost companies thousands of dollars every minute. A 2017 report gauged the total at nearly $9,000. That’s nearly $13 million a day for a multi-billion-dollar company that operates around the clock. There’s no avoiding downtime, either. The infected systems have to be taken offline to limit the spread of the attack and kept offline until a remedy can be achieved. That can take weeks depending on the severity of the attack. Even companies who choose not to pay their ransoms can end up with millions of dollars in incident-related costs.
It’s unclear how much of the Molson Coors beer production was disrupted by the breach, nor is it clear how this will impact the company’s future production. The company has said they were working around the clock to get its systems back up as quickly as possible. They have actively engaged a leading forensic IT firm to assist our investigation.
Preventing Downtime and Loss
Let’s face it, there’s no way to guarantee your organization can avoid a cyber-attack. Heck, even the government gets attacked. A study showed that 33% of ransomware attacks targeted state and local government in 2019. What you can do is prepare for an attack and ensure your data is backed up and offline. That way if an attack does come your way, you can waste as little time as possible getting your systems back up and running. Here are a few things that we recommend to prevent your data from being completely lost or stolen in a cyber-attack.
You will want to create an airgap using the 3-2-1-1 rule. What’s an airgap? What’s the 3-2-1-1 rule? Let us break it down it for you. An airgap is a strategy used to keep an offline copy of your data on tape. Any data that is stored on tape is removed from the network, meaning ransomware can’t cross the “gap of air” that separates it. This is also where the 3-2-1-1 rule comes into play. The 3-2-1-1 rule goes as follows:
- Create at least THREE different copies of your data.
- Store your data on at least TWO different types of media
- Store at least ONE of these copies offsite
- Store one copy of data OFFLINE
Whether you have the best backup solution on the market, the latest anti-virus protection available to the public, or multiple data siloes, this next generation of cybercrime is progressing quickly. In a cloud-based backup, data is backed-up over the internet and most likely stored in a shared storage base at an off-site data center maintained by a third-party company. It’s best to ensure your data is backed up where only YOU can access it.