Asahi Case Aftermath: Companies Should Make Cyber Defense Top Priority
Asahi Group Holdings President Atsushi Katsuki (center) and other company executives hold a press conference in Chiyoda Ward, Tokyo (©Sankei by Naoki Aikawa)
このページを 日本語 で読む
Asahi Group Holdings has revealed the extent of the damage it suffered after a cyberattack hit its domestic servers in late September. The major beverage and food company suffered a system failure as a result of the attack.
It will take until February 2026 for its logistics operations to return to normal, the company estimates.
Meanwhile, Asahi admits that 1,914,000 items of personal information about customers and employees were stolen. It has since established a dedicated portal for personal information. Personal information that it fears has been leaked includes names, addresses, and phone numbers. However, it does not include credit card information.
The company is urged to respond conscientiously to all customer inquiries and requests for consultation.
What Happened
Asahi was hit with a cyberattack through the introduction of a ransomware computer virus. One important lesson to be taken from this case is that the intrusion succeeded without detection. It was discovered about 10 days later, when the actual system failure occurred.
During the interim, the hackers were allowed to intrude through network equipment at Asahi Group Holdings' group company site. They hijacked administrator privileges and repeatedly carried out unauthorized access using that account. The failure to detect the intrusion in a timely fashion allowed the damage to spread.
Asahi's system cybersecurity had met established standards when assessed by an external United States agency. Mechanisms to detect unauthorized access had also been adopted. Nevertheless, the intrusion was in fact allowed. That it took so long to detect it shows how damage from cyberattacks can occur ー even when many countermeasures are taken.
Prioritizing Cyber Defense
Companies need to recognize that defending against cyberattacks should be a top management priority. Naturally, each company must inspect its own systems and take obvious countermeasures, such as replacing highly vulnerable devices. Nevertheless, it is even more important to have a response plan in place after an intrusion occurs.
Regarding future improvements, Asahi says it will also redesign its business continuity plan so that individual systems operate independently. Although it might seem basic and obvious, other companies are also urged to implement such measures immediately.
Cyberattack methods are becoming more sophisticated. Meanwhile, no matter how effective the implemented countermeasures are, vulnerability will inevitably increase over time.
Companies must not think that systems are safe just because they have implemented cybersecurity measures. They also need to remain aware of the need to constantly review them.
RELATED:
- EDITORIAL | Asahi Cyberattack is the Problem of Every Business
- Asahi Struggles After Massive Cyberattack, Beer Production Grinds to Halt
- Cyberattacks Spur Japan's Breakthrough Ransomware Tool
Author: Editorial Board, The Sankei Shimbun
このページを 日本語 で読む
