Asahi: How Cyberattacks Disrupt Global Beverage Production

The cyberattack against Asahi Group, Japan’s largest beer producer, underscores the mounting cyber risks facing global manufacturing and the food-and-beverage sector.

With operations halted at multiple sites across its network of 30 factories and nationwide delivery schedules thrown into disarray, the incident illustrates how modern cyber threats threaten not only information systems but also the critical production capabilities of multinational businesses.

Asahi – the owner of leading international brands such as Peroni, Pilsner Urquell and Grolsch – now joins a growing list of high-profile organisations recently targeted by cyber criminals, including JLR, M&S, Co-op, Harrods and Kering, the French luxury group behind Gucci, Balenciaga and Alexander McQueen.

Asahi’s cyber attack

“Asahi Group Holdings, Ltd. is currently experiencing a system failure caused by a cyberattack, affecting operations in Japan,” Asahi says in a statement. 

“At this time, there has been no confirmed leakage of personal information or customer data to external parties. However, due to the system failure, the following operations have been suspended:

• Order and shipment operations at group companies in Japan
• Call centre operations, including customer service desks

“We are actively investigating the cause and working to restore operations; however, there is currently no estimated timeline for recovery.”

The company has confirmed that only its operations in Japan have been affected by the attack.

Why is manufacturing a prime target for cybercrime?

The beverage and consumer goods industry is becoming ever more digitised, with intricate supply chains powered by tightly integrated IT and operational technology (OT) systems.

For breweries such as Asahi, production now hinges on automated bottling lines, smart logistics and connected platforms that keep global distribution and demand in balance.

While this wave of digitalisation has driven major efficiency gains, it has also widened the attack surface for cybercriminals.

Recent incidents across multiple sectors highlight just how rapidly the threat landscape is evolving.

According to the IBM X-Force 2025 Threat Intelligence Index, manufacturing was the most frequently targeted industry for industrial cyberattacks in 2024 – an alarming trend that has only intensified through 2025.

The sector accounted for 40% of all recorded incidents in APAC, far outpacing finance and insurance (16%) and transportation (11%).

Ransomware operators in particular are exploiting weak points across third-party vendors, legacy OT systems and the persistent security blind spots between IT and production environments.

For companies such as Asahi, even short periods of downtime can cause severe repercussions, from lost production volumes and logistical bottlenecks to breaches of supply agreements.

The operational disruption can prove just as damaging – if not more so – than the initial theft of data itself.

George Foley, Sales Development Manager at cybersecurity firm ESET Ireland, says: “Once again, cyberattacks are proving they can bring entire industries to a standstill, even without confirmed data theft. 

“The fact that attackers managed to halt production on this scale suggests they had deep access. It’s a reminder that operational continuity is just as critical as data protection and that the supply chain itself needs to be continuously monitored and hardened.”

Is the Asahi incident sounding an industry-wide wake-up call?

As well as the recent cyber incidents at M&S, JLR and Harrods, the disruption at Asahi comes on the heels of a series of high-profile operational breaches in food, beverage and manufacturing, including cases at JBS and Mondelez.

Within the brewing industry, insurers and regulators are tightening their stance, with cyber insurance premiums escalating and oversight becoming more rigorous.

Governments worldwide are expected to mandate stricter security audits for critical sectors, advancing the adoption of zero-trust architectures, enhanced supply chain risk management strategies and faster, more coordinated incident-response protocols.

Security experts emphasise that proactive investment in cyber hygiene – ranging from continuous vulnerability monitoring and employee training to robust network segmentation – can mean the difference between containing an incident and experiencing a full-scale global shutdown.

For Asahi, the path to recovery will rest not only on restoring customer confidence but also on addressing the systemic weaknesses exposed by the breach.

While the ultimate financial toll remains to be seen, what is already evident is that cyberattacks are no longer confined to digital compromise – they are directly driving operational disruption on an enterprise-wide scale.