Arizona Tribune - Beer giant Asahi not engaging with hackers after cyberattack

"We have not been in touch with the attacker," CEO Atsushi Katsuki told a news conference as the company again delayed the release of financial results.

"Even if we had a ransom demand, we would not have paid it," he said.

The maker of Asahi Super Dry, one of Japan's most popular beers, said on September 29 that it was hit by a ransomware cyberattack, becoming the latest high-profile global corporate target.

Usually in such an incident, online actors use malicious software to lock or encrypt a victim's systems and then demand payment to get them up and running again.

Asahi on Thursday again stopped short of disclosing the identity of the attacker or discussing how their system was attacked.

But hacker group Qilin, believed to be based in Russia, has issued a statement that Japanese media interpreted as a claim of responsibility.

"We thought we had taken full and necessary measures (to prevent such an attack)," Katsuki said.

"But this attack was beyond our imagination. It was a sophisticated and cunning attack."

Asahi had already delayed the release of third-quarter earnings and on Thursday said that full-year results had also been postponed.

These and further information on the impact of the hack "on overall corporate performance will be disclosed as soon as possible once the systems have been restored and the relevant data confirmed", the company said.

- 'Why our firm?' -

"Regarding product supply, shipments are resuming in stages as system recovery progresses. We apologise for the continued inconvenience and appreciate your understanding," it added.

Output at Asahi's 30 domestic factories was not directly affected by the system shutdown but production had to stop due to the company-wide problem.

The brewer said early last month that production at six beer factories had resumed, while it was processing orders by hand in an effort to swerve potential drinks shortages.

It will start restoring electronic ordering systems from early December, with an aim to nearly normalise the situation by February, Asahi said Thursday.

It needed to proceed carefully to make sure the attack doesn't spread to others including its business partners and clients, Katsuki said.

"Why our firm? I have no idea," he said. "We are angry."

Other global brands have recently experienced similar attacks.

Indian-owned Jaguar Land Rover was forced to seek emergency funding after a damaging cyberattack halted operations at its British factories.

Japanese retailer Muji said in October that it had stopped its domestic online shopping service after a ransomware attack on delivery partner Askul.

A survey released in June found that a third of Japanese businesses have experienced cyberattacks of some sort.

"Japan has always been a little bit complacent in terms of cybersecurity," said Renata Naurzalieva, director of Japan operations at business development consultancy Intralink.

High-profile cases are "a terrible thing" but "I do hope that it opens the eyes for the wider sector that -- guys, you need to up your game", she told AFP.

"A lot of Japanese companies... when they think about investment in cyber security, they still try to justify the return on investment," Naurzalieva added.

But "it's not the return on investment that you're looking for, it's, 'can it protect my assets, can it protect my network data'."

A.Taylor--AT