Canadian craft brewery lost $2.1 million in social-engineering cyber attack  

Mere technological solutions will not save you from a cyber attack.

Attackers also use social engineering, another name for plain con art. They can simply trick you or your employee into revealing information that helps them access your system.

A Kitchener-based company, which was a target of social engineering, has lost $2.1 million in a cyber attack.

Waterloo Brewing, Ontario’s first craft brewery with over a quarter century of brewing heritage, announced today that it has been subjected to a social-engineering cyber attack by a sophisticated third party that resulted in a wire transfer of the company’s funds to a fraudulent third-party account.

The incident occurred in early November and involved creditor employee impersonation and fraudulent wire transfer requests by such third party from the company.

In a social-engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organisation or its computer systems, according to Cybersecurity and Infrastructure Security Agency of the US government..

An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity.

However, by asking questions, he or she may be able to piece together enough information to infiltrate an organisation’s network.

If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.

On becoming aware of the incident this week, the company initiated an analysis of all other transaction activity across all bank accounts of the company as well as a review of its internal systems and controls, including its computer networks.

The company has engaged its third-party IT services provider to conduct an independent investigation of the company’s systems and is working with its auditors and the bank to ensure that appropriate steps have been taken to mitigate the chance of any future occurrences of similar cyber attacks.
At this time, the company does not believe that its systems were breached or that any personal information of its customers is at risk.

The company has notified the appropriate authorities including local police services, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and the United States’ Finance Crimes and Enforcement Network (FinCEN).

To date, the company has not recovered any of the approximately 2.1 million Canadian dollars wired to the fraudulent third-party account.

While the Company is actively taking measures to recover the funds, there can be no assurance that such measures will result in the return of all or a portion of the misappropriated funds in a timely manner or at all.

The company does not expect this incident to have a material impact on its business going forward or otherwise impact its near-term liquidity requirements or its ongoing operations.