back to article Australia's Lion brewery hit by second cyber attack as nation staggers under suspected Chinese digital assault

As Australia reels under sustained cyber attacks following increased Chinese diplomatic hostility, the country's Lion brewery and dairy conglomerate has been hit for the second time. The Sydney Morning Herald reported that Lion told its staff today "it had been hit by a second cyber attack that had further disrupted its IT …

  1. Version 1.0 Silver badge
    Facepalm

    An Attack or a Screwup?

    There's no way to really know but it sounds like a typical situation where someone (maybe working from home and connected via VPN?) checked one of their email accounts and opened an attachment that seemed to be from a supplier... maybe Newlabel.img to see if the new labels looked good, or maybe proforma invoice.zip (proforma invoice.exe), Enquiry.lzh, New Purchase - June.zip (New Purchase - June.bat), VALIDATE HERE.html, awb_1446275724_invoice-receipt.xlsm ... etc etc - these are just the ones I've received (and deleted) since lunchtime.

    If you are connected to the internet in any way then you have the potential to be under attack. Everything flowing through the internet must be checked and quarantined if there is even the slightest possibility of infection.

    1. Magani
      Pint

      Re: An Attack or a Screwup?

      Considering that the attacks are spread across a wide range of industries simultaneously, I'd suggest it's more than Scotty from Marketing opening an attachment.

      1. Anonymous Coward
        Anonymous Coward

        no working backups ?

        so their backups didnt work and they say... it was virus

      2. macjules Silver badge

        Re: An Attack or a Screwup?

        NotPetya was exactly that. Someone in Maersk Kiev opened an attachment and the virus spread from there.

      3. Anonymous Coward
        Anonymous Coward

        Re: An Attack or a Screwup?

        They aren't after Scotty from Marketing.

        It's Dick from the senior management team (details on the companies website) and Helen in accounts payable they want.

        Ransomware generally comes in via a client device or e-mail - and both are being heavily pushed at the moment because normal company structures are a little out of shape and more vulnerable.

    2. Nifty Bronze badge

      Re: An Attack or a Screwup?

      I don't get the WFH angle. Just as much chance of being clickjacked while in the office network.

      1. Anonymous Coward
        Anonymous Coward

        Re: An Attack or a Screwup?

        Not all companies had a clearly thought out WFH policy before this event - the policy in some companies was thou shalt not work from home so we won't consider the security implications.

        Combine that with overloaded remote access solutions and workarounds like VPN split tunnelling and suddenly the legacy hard perimeter is full of holes and client AV isn't sufficient to stop more advanced threats.

    3. vtcodger Silver badge
      Devil

      Re: An Attack or a Screwup?

      Let me see if I have this straight. The Chinese are thought to be using their no doubt extensive and sophisticated cyber warfare capability to target ... banks? The Australian military? The Australian power grid?

      Nope. They're out to batter an Australian brewery into submission???

      Well, maybe. ... Are there are tanker loads of Tsingtao beer hovering in the Pacific just beyond the reach of radar from Brisbane, Newcastle, and Sydney waiting to sell their product to thirsty Australians at extortionate prices?

      1. Warm Braw Silver badge

        Re: An Attack or a Screwup?

        I think we can safely say it's unlikely they're after the recipe.

      2. Anonymous Coward
        Anonymous Coward

        Re: An Attack or a Screwup?

        No better way to piss of an Aussie than to go after their beer.....

      3. DavCrav Silver badge

        Re: An Attack or a Screwup?

        "Nope. They're out to batter an Australian brewery into submission???"

        They are also attacking all of the things you suggest. It's total cyber-war, by China, likely as punishment for Australian 'transgressions' regarding the international investigation into COVID.

        1. Kabukiwookie Silver badge

          Re: An Attack or a Screwup?

          Sure it's not the NSA from Hongkong making sure that Oz does what the US says it should be doing, while in the meantime prepping Oz to be a dumping ground for chlorine washed chickens, force grown beef and mediocre military equipment pandered by its military industrial complex?

          1. Dagg

            Re: An Attack or a Screwup?

            And Pabst Blue beer...

            1. Anonymous Coward
              Anonymous Coward

              Re: An Attack or a Screwup?

              And Pabst Blue "beer"...

              FTFY

        2. julian.smith
          Mushroom

          Re: An Attack or a Screwup?

          "It's total cyber-war, by China"

          I don't think so - the consensus view is that China has significant cyber capability.

          This isn't sophisticated, except perhaps to Scotty.

          Another reliable source, the Daily Mail, had advice on how to protect your home computer from the "attacks"

      4. Trixr

        Re: An Attack or a Screwup?

        It's not just Lion, there's a whole raft of govt agencies - local and federal - and businesses that are being targeted in Oz at the moment.

        And yes, none of the methods are particularly sophisticated, but they're getting in via unpatched SharePoint, IIS, and Telerik products as well as spearphishing emails

      5. Anonymous Coward
        Anonymous Coward

        Re: An Attack or a Screwup?

        "Are there are tanker loads of Tsingtao beer hovering in the Pacific just beyond the reach of radar from Brisbane, Newcastle, and Sydney waiting to sell their product to thirsty Australians at extortionate prices?"

        No, if only because there are plenty of horses with full bladders in Australia still

    4. jgarbo
      Devil

      Re: An Attack or a Screwup?

      More likely some fool is updating Windows. Why would the Chinese govt attack a beer maker? TsingTao is already better than Oz suds.

      1. "Dead Eye"

        Re: An Attack or a Screwup?

        For Australia this would be an attack against a bit of Critical National Infrastructure...

        1. Kabukiwookie Silver badge

          Re: An Attack or a Screwup?

          Nobody's going to be upset if they can't get a Speight's in the pub anymore..

    5. General Purpose

      Re: An Attack or a Screwup?

      Let's not jump to the conclusion that someone opened a dodgy attachment. If people think that's all they have to worry about, they're horribly vulnerable. It'd be like thinking you're safe from being scammed because you don't do internet dating.

  2. Lorribot

    Two questions

    Ask yourself two questions

    How ready is your company to deal with one let alone two attacks?

    How luck do you feel today?

    1. This post has been deleted by its author

    2. sanmigueelbeer Silver badge

      Re: Two questions

      that the company had contracted multinational professional services company Accenture to assist it in recovery efforts

      Could've been worse. Could've been IBM.

  3. Snowy
    Facepalm

    If China has nothing to hide...

    then it should have nothing to fear in an international investigation :)

    1. Anonymous Coward
      Anonymous Coward

      Re: If China has nothing to hide...

      Of late, the Middle Kingdom has become simultaneously defensive, belligerent and very thin skinned.

      Stand by for tears at bedtime.

      1. Chris G Silver badge

        Re: If China has nothing to hide...

        That is hardly surprising considering the billions of dollars of sanctions and accusations from the Persimmon Primate and others that every ill afflicting the world originated in the middle kingdom.

        I have noticed that other countries seem to be equally thin skinned when under scrutiny.

        Frankly, I don't trust any government.

        1. Chris the bean counter Bronze badge

          Re: If China has nothing to hide...

          Whataboutism that assists the enemy, another useful idiot.

          To compare a tyranny like China with democratic countries is naive or corrupt.

          Choose your side

          1. This post has been deleted by its author

            1. Stork Silver badge

              Re: If China has nothing to hide...

              Oh yes, and how is the Russian interference report coming along?

              1. Chris the bean counter Bronze badge

                Re: If China has nothing to hide...

                Russia in terrible trouble due to long term low oil prices.

                I expect Russia was doing some interference, doubt it had much impact and a lot of the evidence was lacking in credibility.

            2. JCitizen Bronze badge
              WTF?

              @My other car is also a Trabant

              Where is this right wing media? I watch almost every news service on TV and haven't found one yet! BBC comes as close as I've found, as they seem to report all the news and the uncomfortable news too. Is that your single source?

              Backwater internet trolls don't count, they are not big enough to provide coverage to the public at large; just fringe groups and there are plenty of those to keep all flavor if nuthatches happy. That includes Breitbart - nobody even heard of them until the regular news media started screaming about them.

          2. Chris G Silver badge

            Re: If China has nothing to hide...

            Most of the useful idiots are those who don't question enough of what they are told.

            I don't know where you live but I doubt it is a genuine democracy.

            China is not a democracy and does not pretend to be even if it is far from the best place in the world it's not the worst place in the world either.

            I'm not defending them or approving as just like most countries they must try harder.

            Some beans; https://chinapower.csis.org/china-middle-class/

            1. Chris the bean counter Bronze badge

              Re: If China has nothing to hide...

              UK.

              Economist magazine does the rankings of democracies. Not perfect but pretty much the gold standard. You are welcome to come up with an alternative.

              Countries split into leagues with top 2 considered to be a democracy. This comprises 75 countries. UK is league 1 mid table, slightly below Germany and above France.

              USA iirc is league 2, mainly due to gerrymandering, lack of limits on campaign spending etc.

              Until Xi came along China was heading in right direction. Democracy usually driven by middle class, the only non democracies richer that China were oil states that do not have income tax.

          3. BebopWeBop Silver badge

            Re: If China has nothing to hide...

            Not at all. While the comparisons might be difficult, it is a useful indicator of where we might be driven if we do not exercise constant vigilance. A comment about a western policy that includes the line 'just what China would do' might give people appropriate food for thought.

          4. teknopaul Silver badge

            Re: If China has nothing to hide...

            You dont have to choose a side.

            Not going to war was an option.

            Ending it still is.

            1. Chris the bean counter Bronze badge

              Re: If China has nothing to hide...

              By not picking a side you are by default choosing to not confront evil.

              When it is Democracy v Non Democracy it is always Democracy to choose and usually the winning side.

          5. Kabukiwookie Silver badge

            Re: If China has nothing to hide...

            Choose your side

            I choose myself and other non warmongering people who prefer to cooperate instead of antagonise for personal short-term gain.

            So stick your fake two-party democracy down-under (not Oz) and crawl back under your rock.

        2. DavCrav Silver badge

          Re: If China has nothing to hide...

          "That is hardly surprising considering the billions of dollars of sanctions"

          Blah blah blah. The belligerence, concentration camps, militarization of the South China Sea, etc., all happened before Trump's sanctions.

          1. Anonymous Coward
            Anonymous Coward

            Re: If China has nothing to hide...

            As did Iraq, Afghanistan, Vietnam and all the other American imperialist adventures.

            Your point? God is on your side or something?

          2. Anonymous Coward
            Anonymous Coward

            Re: If China has nothing to hide...

            >>The belligerence, concentration camps,

            Apparently the camps are, "exactly the right thing to do!" according to the "leader" of the "free world".

            1. disgustedoftunbridgewells Silver badge
              Gimp

              Re: If China has nothing to hide...

              .....according to some gimp with no credibility trying to flog his book.

              1. Anonymous Coward
                Anonymous Coward

                Re: If China has nothing to hide...

                >some gimp with no credibility

                Don't you mean an ultra-right right-wing neocon hawk? Short memory you have there,

                1. disgustedoftunbridgewells Silver badge

                  Re: If China has nothing to hide...

                  Whoever he is, whatever his politics, he has a grudge and a book to sell.

                  The only reason people believe him as because he's attacking Trump, but that doesn't make it true.

                  Trump is perfectly capable of doing and saying stupid things without other people making new ones up.

          3. fajensen Silver badge

            Re: If China has nothing to hide...

            The belligerence, concentration camps, militarization of the South China Sea, etc., all happened before Trump's sanctions.

            I am confused: Are we talking about the USA or China here?

            The USA has the "immigrant processing centers" and Indefinite Detention + Guantanmo to be proud of, Australia, being the poor cousin, has only the "immigrant processing islands" ....

            1. disgustedoftunbridgewells Silver badge
              Coat

              Re: If China has nothing to hide...

              Why are you pretending that those are the same things.

              China is locking up people in re-education camps for the crime of being muslim.

              America holds illegal immigrants in order to deport them.

              Australia intercepts illegal immigrants before they get to the mainland, diverting them to an island so that they can be deported ( this has vastly cut the number of drownings, by the way ).

              America also arrests and holds enemy combatants.

              Which of those things is bad? I'll give you a clue, it's the one being perpetrated by the Chinese Communist Party.

              Bloody children posting on El Reg. They should check ID at the door.

              1. batfink Silver badge

                Re: If China has nothing to hide...

                You mean "people the US declares to be "enemy combatants"" don't you? You might also want tho think about the Black Sites as well,as well as the illegal renditions.

                I also suggest that you educate yourself on the US prison system and rates of incarceration, and the ethic mix of prisoners there. You might also want to find out how much the prisoners are paid for their labour there, and how close you think that is to modern slave labour.

                1. Kabukiwookie Silver badge

                  Re: If China has nothing to hide...

                  You might also want to find out how much the prisoners are paid for their labour there, and how close you think that is to modern slave labour.

                  Sadly it's not that far from the minimum wage in the US if you take into account the 'free' room an board the prisoners are receiving

                  Not a good thing and just another indictment of the US banana republic.

                  Was in NY earlier this year for business and thought I landed in a warzone when I was driven in a huge 4x4 to Manhattan. Disgusting surroundings, rubbish everywhere. Potholes you can park a Smart car in. No wonder they need a 4x4 to get around.

                  Will not go back there voluntarily any time soon.

      2. Anonymous Coward
        Anonymous Coward

        Re: If China has nothing to hide...

        Crocodile tears?

      3. Flywheel Silver badge

        Re: If China has nothing to hide...

        No worries! I have my Winnie-the-Pooh cuddly toy to guard me!

  4. Kevin McMurtrie Silver badge

    Firewall chicken

    Networking people really need to get more aggressive about blocking huge chunks of the Internet that doesn't like playing nice. The potential loss of a few legitimate customers isn't anything compared to the constant attacks that certain networks pride themselves on hosting. Start with Chinese, Korean, and Vietnamese government networks, OVH, and DigitalOcean. If it works out, maybe try FOS VPN, Google, and Amazon too.

    Or do nothing and let the Internet slowly decay into nothing but constant attacks. It's why there's no more free WiFi. Free WiFi companies did nothing about customers with infected laptops and eventually everything was supersaturated with botnet attacks.

    1. Anonymous Coward
      Anonymous Coward

      Re: Firewall chicken

      You are arguing for walled gardens controlled by politicians. What could possibly go wrong?

      Normally, it's the Chinese and Russian who are advocating excluding the rest of the world, for reasons. You sound just like them. Maybe you're as scared as they are.

      1. Kevin McMurtrie Silver badge

        Re: Firewall chicken

        I never mentioned politicians. I'm talking about why public blacklists and blacklist services aren't used more often. These can be selected and used by whatever serves a company best.

        The current technique of re-actively blocking single abusive IPv4 addresses stopped working well some time in early 1990.

    2. iron Silver badge

      Re: Firewall chicken

      Blocking chunks of the internet does nothing except annoy people, block potential customers / users and give you a false sense of security.

      40% of phishing attacks come from C&C servers in the USA - by far the vast majority. Are you're going to block USA IP addresses from your networks?

      The top six phishing C&C locations are USA, Russia, Germany, Netherlands, France & UK. Well done your 'clever' IP blocks prevent none of them.

      Stats: https://www.csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html

  5. Anonymous Coward
    Anonymous Coward

    Pooh Bear and his crew

    Pathetic, scary, but ultimately pathetic.

  6. Anonymous Coward
    Anonymous Coward

    Pot accuses kettle......

    ....of course....Five Eyes countries have NEVER, EVER mounted cyber attacks on anyone else, never mind on THEIR OWN ALLIES.....

    *

    Oh wait.......

    *

    https://www.theguardian.com/uk-news/2018/sep/21/british-spies-hacked-into-belgacom-on-ministers-orders-claims-report

    1. vtcodger Silver badge

      Re: Pot accuses kettle......

      Well, it's pretty clear that the NSA/CIA have never successfully targeted a foreign brewery. The evidence: Budweiser-Light.

    2. This post has been deleted by a moderator

  7. Colonel Mad

    WTF

    I couldn't give a XXXX

  8. IGotOut Silver badge

    Odd statement.

    "The company is now focusing on defence efforts over restoration from the previous attack"

    That's like saying we've replaced the ceiling, walls and floor, but we left the leaking pipe pissing out water while we did the repairs.

  9. Anonymous Coward
    Anonymous Coward

    Trade sanctions and cyberattacks

    Current weapons of choice for superpowers apparently.

    Why are the Australians surprised?

    1. Fruit and Nutcase Silver badge
      Mushroom

      Re: Trade sanctions and cyberattacks

      Current weapons of choice for superpowers apparently.

      Over in Ladakh, the Chinese are allegedly using other types of weapons...

      https://www.bbc.co.uk/news/world-asia-india-53089037

      1. Anonymous Coward
        Anonymous Coward

        Re: Trade sanctions and cyberattacks

        You are aware that the Indian Prime Minister stated that "there were no foreign incursions into India"?

        Are you just China bashing because of your prejudices or because you know they're at fault?

  10. Anonymous Coward
    Anonymous Coward

    Australia's Encryption-Busting Law

    Well they were warned it would make them less secure.

    Looks like the Australian leadership has just learnt the hard way. But they know best.

    Idiots.

    1. Trixr

      Re: Australia's Encryption-Busting Law

      That's not it. I don't know of anyone who's using some govt backdoor encryption - we're using vendor/industry-standard stuff.

      The exploits have nothing to do with TLS either. They're getting in via unpatched SharePoint, IIS etc, and spearphishing

      1. Anonymous Coward
        Anonymous Coward

        Re: Australia's Encryption-Busting Law

        Different idiots then.

  11. Tom 7 Silver badge

    Camra

    got a militant wing?

    1. David 132 Silver badge
      Happy

      Re: Camra

      Ale-Qaeda?

  12. botski@comcast.net

    Why blame China for the pandemic? It's obvious our Stable Genius ordered his military to create the virus and plant it in Wuhan. And, like everything he has mismanaged since he was 18 years old, the virus went viral. (/s. (Or is it?))

  13. Anonymous Coward
    Anonymous Coward

    Horses, races run etc

    It's not as if Australia doesn't have form blaming hackers for the national census failure. I'll wait until there is some actual evidence from a reputable source before attribution to the Chinese. Which is not to be confused with me thinking the Chinese didn't/wouldn't do this, I just want some evidence first.

    1. PhilipN

      Re: Horses, races run etc

      Given the form* of the Australian Strategic Policy Institute which couldn’t blame China fast enough it is almost certainly somebody else.

      *Have a gander at their Wikipedia entry and the section headed Criticisms.

      1. batfink Silver badge

        Re: Horses, races run etc

        Never mind the criticisms, just have a look at their sponsors

  14. julian.smith
    Facepalm

    Australian Politicians and IT

    Scotty from Marketing claimed:

    - it was sophisticated, it wasn't

    - it was widespread, couldn't name a company under attack

    - it was a foreign actor, his sock puppets said China - without proof

    China almost certainly has the capability for sophisticated, large scale cyber attacks - this wasn't one

    My advice:

    - don't piss off your biggest customer unless you are really sure of what you are doing and why you are doing it (Anyone want some barley, we've suddenly got plenty available)

    - hope that the Chinese don't find out about Australia's blackballing of Huawei because, wait for it - it may contain undetected backdoors, unlike American kit

  15. Citizen99

    Mate, attacking the beer is seriously out of order

    1. julian.smith
      Pint

      Mate, attacking the beer is seriously out of order

      If Australians made good beer they could export some ... unfortunately only Trumpland or the UK are possible markets

  16. Anonymous Coward
    Anonymous Coward

    Not blaming, but don't forget

    I' m not saying this was China, but don't forget that Chinese APT groups are all government run.

  17. Anonymous Coward
    Anonymous Coward

    At least it's not an act of war...

    so long as it's the west doing the attacking. /S

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020