Lion cyberattack webinar

Cyberattack - Feature

Luke Sawyer and Kendall Nicholas from Lion spoke to members about the cyberattack in June 2020. The cyber-attack impacted Lion’s business wide enterprise systems including customer call centres, production capabilities, packaging, warehousing robotic systems to palletize, supply chain processes.

The attack was a ransomware attack with malicious intent. Lion were asked to pay significant ransoms, numerous times. The origins of the attack were within Russia from a well-coordinated, cyber-criminal gang.
Supply chains were severely impacted causing a complete manufacturing shutdown for almost two weeks. It took a further six months to return to full capacity and capability.

Ransomware as a Service attack (RaaS) is when a vulnerability is exploited and sold on the dark web, cyber criminals will then deploy ransomware into the enterprise system, take over passwords to the main active directory system (commonly referred to as the ‘golden ticket’), and take control from there. The cyber criminals will provide a date that a ransom payment is required and if the ransom is not paid data will be sold to the highest bidder on the dark web.

Major learnings included the need to upweight cyber security and the importance of prioritising several investments; including capital plans that were originally planned to upgrade over five years have been fast tracked to two years.