Last month, Japan experienced a shortage of one of its most popular beer brands after a major cyberattack. Asahi Group’s systems were taken offline after the hit, and it was forced to suspend its order, shipment, and call center operations. The disruption was limited to Japan.
According to the BBC, the producer of Japan’s best-selling beer had to stop production at most of its 30 factories in the country following the attack. Orders and shipments had to be processed manually using paper, pens, and fax machines, resulting in a significant reduction in shipments.
This had a significant impact on bars, restaurants, and retailers, not only because Asahi accounts for approximately 40% of Japan’s beer market, but also because Asahi produces a range of soft drinks, including ginger beer and soda water.
Who was behind the attack?
A ransomware group called Qilin claimed responsibility for the attack on Asahi. CNN reports that it’s the fourth cyber attack the group has launched against Japanese companies since June of this year. Qilin first emerged in 2022 and operates a platform that enables users to conduct cyberattacks in exchange for a portion of the extortion earnings.
In the Asahi attack, Qiling claimed to have stolen budgets, contracts, and personal data.
In a system failure notice issued directly after the attack, Asahi said:
“We took immediate action to contain and respond to the incident. Subsequent investigations have confirmed traces suggesting a potential unauthorized transfer of data. We are conducting [an] investigation to determine the nature and scope of the information that may have been subject to unauthorized transfer.”
Japan’s weak cybersecurity infrastructure
Attacks like these often highlight the inadequate security infrastructure of countries and major institutions. However, experts believe that Japan’s infrastructure is uniquely poor, despite its reputation as being technologically advanced and often described as “living in 2050” by social media influencers.
There are several reasons for this, including being a high-trust society, a shortage of cybersecurity professionals, and low digital literacy rates among business software users. There’s also a reliance on legacy systems and a tendency to pay ransoms following attacks, which also makes Japanese companies appealing to threat actors.
According to CNN, the language barrier also protected the country from cyberattacks for many years. However, technology has since advanced significantly, rendering these barriers obsolete. CEO of Tokyo-based cybersecurity firm Nihon Cyber Defence, Cartan McLaughlin, told CNN that the lack of cyberattacks in previous years has left Japanese companies unprepared:
“Japan was slower to the game than the rest of the world. You can buy all the cyber technology in the world. But if it’s not implemented and managed properly, then there’s no point in buying it.”
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.