Belgian Ale Legend Duvel’s Brewery Borked As Ransomware Halts Production

Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage.

Spokesperson Ellen Aarts had a statement on tap for local media on Wednesday: “At 0130 last night, the alarms went off in Duvel’s IT department because ransomware had been detected. Production was therefore immediately stopped. It is not yet known when it could start again. We hope today or tomorrow.

“Our IT department immediately intervened and is currently still mapping everything out. They are looking for a solution as quickly as possible.”

El Reg tried to get Duvel to pour its heart out about the overall recovery progress and whether its Breendonk-based facility will be operational once again before the end of the week as expected, but it didn’t immediately reply.

Details about the incident are generally sparse since the company hasn’t publicized the break-in beyond a short statement offered to the press. It’s not clear what group is behind the attack.

Duvel Moortgat not only brings Duvel to shop shelves, restaurants, and bars alike, but also other popular tipples such as La Chouffe, Vedett, Firestone Walker, and more.

Aarts said fans needn’t fear supply issues since the Breendonk facility is well stocked and the company isn’t concerned about order fulfillment with the site’s temporary downtime.

Other manufacturing organizations hit by ransomware often aren’t so lucky and any kind of downtime can be operationally and financially damaging.

It’s why the industry is such a common target for ransomware miscreants since they know that theoretically, manufacturers are more motivated to pay ransoms quickly, minimizing costly downtime.

IBM’s most recent Cost of a Data Breach report found manufacturing was the single most targeted sector by cybercrims. The average cost of a data breach at a business like Duvel Moortgat, a consumer goods manufacturer, stands at $3.8 million according to IBM’s figures.

In reality, however, only a minority of organizations in the manufacturing sector actually pay ransoms – 34 percent compared to 73 percent that rely on backups for recovery, according to Sophos’ figures. Ransom demands are growing, though, and data recovery rates remain a serious concern.

“While [the rate of paying victims] is a welcome improvement, manufacturing has the lowest rate of data recovery (88 percent got back encrypted data vs the 97 percent cross-sector average), suggesting that the sector should continue to focus on strengthening backup use,” the report by Sophos says.

“The proportion of manufacturing organizations paying higher ransoms has increased from our 2022 study, with 40 percent paying a ransom between $100,000 and $999,999 vs. 29 percent who paid this amount the year before. In addition, 20 percent reported payments of $1 million or more compared to just eight percent the year prior.”

Whether Duvel can recover from its ransomware incident in the day or two it predicts is unclear, but it will surely be hopping for a full return schooner rather than later. Let’s see if that survives the edit. ®

READ MORE HERE