back to article Belgian ale legend Duvel's brewery borked as ransomware halts production

Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage. Spokesperson Ellen Aarts had a statement on tap for local media on Wednesday: "At 0130 last night, the alarms went off in Duvel's IT department because ransomware had been detected. …

  1. 0laf Silver badge

    Too far

    These bastards have hit hospitals, governments and airlines

    But now they've gone too far, hitting a brewer. Risking an interruption in the flow of that sweet sweet nectar.

    I think we need a peoples army of hackers to take them out. If it's beer today tomorrow it could be crisp (chips for the west-pondians) or pizza.

    1. Blazde Silver badge

      Re: Too far

      I wanted to confirm the brewery is on Belgian's Critical Infrastructure list (surely, right?) but their National Crisis Center site which handles such things is down at the moment:

      This is what happens when Belgian sysadmins run out of beer, everything grinds to a halt

      Edit: It's back. They must have broken up the emergency crate

      1. chivo243 Silver badge

        Re: Too far

        This is what happens when Belgian sysadmins run out of beer, everything grinds to a halt

        Belgian truck drivers should be added to this list! I once stayed at a hotel that had a bar near the 'snelweg' and at dinner time, there were loads of truck drivers, with considerable table muscle hoisting a few on break... with the state of things in Europe, I'm sure you don't want to get between a trucker and his libation.

    2. Throatwarbler Mangrove Silver badge

      Re: Too far

      Indeed, why couldn't the ransomware scum have hit Heineken instead? (I know, that's Dutch.)

      1. Anonymous Coward
        Anonymous Coward

        Re: Too far

        Or Stella!!!

        1. Piro Silver badge

          Re: Too far

          The Stella brewery doesn't only produce Stella,I've been on a tour.

          Nice place, nice town.

    3. Dizzy Dwarf Bronze badge

      Re: Too far

      Attack on Thursday. Obviously planned to cause maximum disruption on Friday.

      The utter cunts.

      1. Blazde Silver badge

        Re: Too far

        It's Bierfestival Mechelen this very weekend too!

        (but then it's hard to find a weekend without a beer festival in Belgium)

  2. Charlie Clark Silver badge

    The end of the world!

    Just try and remember what it was like…

  3. Anonymous Coward
    Anonymous Coward

    I hope they get it sorted quick, Duvel is a particularly delicious drop.

    1. abend0c4 Silver badge

      I don't think they're in danger of Mort Subite.

    2. I ain't Spartacus Gold badge

      I've gone off Duvel. Used to love it, but I might have perhaps had a few too many once or twice when I lived in Brussels.

      I particularly remember my first week working there - out with someone on a Wednesday night. As I started on my 6th bottle of the stuff, thinking that I was feeling rather drunk for someone who'd only had 5 half pints of lager over dinner and a chat. Then looking at the 8.6% alcohol label on the the bottle. Oops.

      1. cookieMonster Silver badge

        Been there, done exactly that… I think, I’m not sure if I remember correctly….

        Pint icon, cause yeah…

      2. Robin

        To help avoid that, a rule of thumb I was once told by a Belgian person was to keep your session to a total of 24%. So if you're on the 8% beer you have 3 of them. If it's 6%, 4 of them. And so on. This is all based on the common beer bottle serving for that stuff (33cl).

        I've tried it and it seemed to stop me having a raging hangover the next day! I did have some delicious carbonade and frites to go with them though, which probably helped.

        1. goodjudge

          24% limit

          Ta. Am off to Belgium next weekend to sample their wares, will keep that in mind. Duvel's not high on my list TBF. But if the hackers hit Cantillon, it's definitely war.

        2. Manolo

          Re: 24% total

          Should be per hour, no?

      3. Col_Panek

        They don't call it duivel for nothing.

  4. Sceptic Tank Silver badge

    Als de Duvel.... ====>

    A diabolic deed!

  5. Mike 137 Silver badge

    A new 'zero day'?

    "Company reassures public it has enough beer"

    They have enough already made in stock but 'production' is stopped, so how does ransomware stop beer fermenting?

    1. cyberdemon Silver badge

      Re: A new 'zero day'?

      Because so many industrial control systems and HMIs run Windows, I would guess.

      But also because they may have shut their whole network down to stop any further intrusion

      The yeast is still fermenting, but if they can't pump it out into the next vessel in their process then the taste will be ruined. Or maybe it won't, and they will sell it as a 'limited edition' batch. They could call it Duvel Scumbag, with 'extra scummy' foam.

      1. Mike 137 Silver badge

        Re: A new 'zero day'?

        @cyberdemon Sorry, that was actually an (obviously inadequate) attempt at a joke. However "... because they may have shut their whole network down to stop any further intrusion" once again suggests that network segregation is a concept of the past. The vast majority of serious intrusions have been achieved due to appallingly inadequate network security -- no "sophisticated attack" needed. We must start making systems genuinely resilient as opposed to just assuming that once inside the perimeter the attacker has free reign.

        1. cyberdemon Silver badge

          Network Segregation

          So, where I previously worked, we had three "separate" networks.

          We had one called ControlNet which was for the robot control systems and HMI terminals only; another called FileNet for the robotics-related fileservers, local domain controllers and HMI terminals; and a site-wide network which had internet access. Unfortunately the fileservers were also connected to the site network because so many people needed access to them in their offices.

          So they sort of tried network segregation but ultimately all three networks were connected.

          There was much argument from me and others, but it never changed. Fortunately there were no serious incidents.

        2. John Brown (no body) Silver badge

          Re: A new 'zero day'?

          "We must start making systems genuinely resilient as opposed to just assuming that once inside the perimeter the attacker has free reign."

          One of the clients I do some work at, I have admin access, but only over the users and what they can access or use and another login for some more advanced, high level stuff. I don't get admin access over the core systems, and over-use of my higher level creds will be queried, especially if it's used for stuff my lower level should be used for. A colleague, spending time at another client site, has both "standard" user and "admin" creds. His admin creds, for doing the same job as me, let him do pretty much anything, anywhere in the system. Madness! It's like they only have two security levels and absolutely no compartmentalisation.

      2. hoola Silver badge

        Re: A new 'zero day'?

        It is most likely the latter.

        If you do detect ransomware you just have to start switching things off.

  6. spold Silver badge

    A lack of cheer(s)

    Must have been a bugger when they started brewing back in 1871 and the systems weren't available. Shirley someone wrote down how to do it in the BCP....

    1. cyberdemon Silver badge

      Re: A lack of cheer(s)

      To be fair, in 1871 they were only brewing enough for a few monks and the local townsfolk. To scale up an operation to brew beer at an affordable price for millions of people at home and abroad does require a certain degree of automation..

  7. Anonymous Coward
    Anonymous Coward

    Alas, the El Reg beer icon is not the correct shape for Duvel. Or at least not the shape they say you should use, not sure it matters to my less-than-discerning palate.

  8. Howard Sway Silver badge

    a ransomware attack has brought its facility to a standstill

    If this leaves the supermarket shelves empty, don't despair. To recreate the effects of a night's Duvel consumption, just eat a whole pack of laxatives before bedtime, then ask someone to hit you on the head with a hammer a few times the next morning.

    1. Anonymous Coward
      Anonymous Coward

      Re: a ransomware attack has brought its facility to a standstill

      They call this approach “a cheap night out in Slough”

  9. John Brown (no body) Silver badge

    I felt a great disturbance in the Beer

    "I felt a great disturbance in the Beer, as if millions of voices suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened."

  10. Anonymous Coward
    Anonymous Coward

    Stick to the real Trappist beers

    brewed by actual monks in a monastery, less chance of ransomware or any software there.

    1. Anonymous Coward
      Anonymous Coward

      Re: Stick to the real Trappist beers

      They wouldn't be caught on the hop with an IT maltdown

    2. RDPeter

      Re: Stick to the real Trappist beers

      Yeah that's why I drink Buckfast. I hired a monk that makes my drink just in case the whole world goes out due to ransomware.

      1. Lurko

        Re: Stick to the real Trappist beers

        Don't kid yourself, Buckfast is made under licence now by J Chandler & Co, so you'll have to ask them .

        On a side note, I'd encourage anybody who passes through Devon to stop off and visit Buckfast Abbey, paying particular attention to the building and history - almost the ultimate DIY project (and you can at least buy some tonic from the visitor shop).

    3. Manolo

      Re: Stick to the real Trappist beers

      I recommend Rochefort.

      Also, having a Rochefort on a sunny terrace in the actual town of Rochefort.

      1. Strahd Ivarius Silver badge

        Re: Stick to the real Trappist beers

        Which town of Rochefort?












        or any other just called Rochefort?

  11. Liam Proven (Written by Reg staff) Silver badge

    So its _brain_ went _donk_?

  12. Dabooka

    Another swing and a miss

    Why not bloody Brewdog instead and us all a favour in the process?

  13. RDPeter

    As long as crims don't interrupt my supply

    As long as crims don't interrupt my needed supply of the likes of Buckfast and Bushmill then it's manageable.

  14. TimMaher Silver badge


    … hier rijpt den Duvel.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like