At Ben Thai, a restaurant nestled in Sengawacho, a Tokyo suburb, only four bottles of Asahi Super Dry beer remain on the shelves.
Owner Sakaolath Sugizaki anticipates a forthcoming delivery, but notes that her supplier is prioritizing larger clientele amidst supply constraints.
This situation stems from Asahi, the producer of Japan’s top-selling beer, being compelled to halt operations at the majority of its 30 domestic factories following a recent cyber-attack.
Although all of Asahi’s Japanese facilities, including its six breweries, have partially resumed activity, their computer systems remain compromised.
Consequently, order processing and shipment management are being conducted manually – utilizing traditional methods like pen, paper, and fax machines – leading to a significant reduction in shipment volumes.
Given Asahi’s substantial 40% share of the Japanese beer market, these disruptions are notably impacting bars, restaurants, and retailers nationwide.
Asahi has issued an apology “for any difficulties caused by the recent attack” but has yet to provide a definitive timeline for the full restoration of its operational capabilities.
The BBC visited convenience stores and supermarkets in Tokyo and Hokkaido, where employees reported depleting existing inventories and an inability to place new orders for Asahi products, encompassing beverages and food items.
Hisako Arisawa, who manages a liquor store in Tokyo, expressed concerns for her customer base, citing limited Super Dry availability and anticipating at least a month of continued disruption.
Beyond beer shortages, Arisawa highlighted the limited availability of Asahi’s soft drinks, including ginger beer and soda water.
Last week, several of Japan’s leading convenience store chains issued warnings to consumers regarding potential product shortages.
FamilyMart cautioned that its Famimaru range of bottled teas, produced by Asahi, would likely face supply constraints or stockouts.
7-Eleven suspended shipments of Asahi products across Japan, while Lawsons also indicated anticipated shortages.
Mr. Nakano, an alcohol wholesaler who preferred not to disclose his first name, reported receiving only approximately 10-20% of his usual Asahi shipments, despite the resumption of some deliveries.
His orders are now processed manually, via handwritten forms and fax transmissions, with Asahi notifying him of shipment readiness via fax.
Asahi also holds ownership of prominent European brands – including Peroni, Grolsch, and Fuller’s – though the company has confirmed that these operations remain unaffected by the cyber-attack.
The ransomware group Qilin, known for previous attacks on major organizations, has claimed responsibility for the cyber-attack targeting Asahi.
Qilin operates a platform enabling users to execute cyber-attacks in exchange for a percentage of the extortion proceeds.
While Asahi has not explicitly confirmed the nature of the attack, the company acknowledged that data suspected of being leaked during the incident has been discovered online.
This incident joins a growing list of cyber-attacks by various hacking groups targeting major corporations globally, including automotive manufacturer Jaguar Land Rover and retail giant Marks and Spencer.
Travelers experienced delays at numerous European airports in September following a ransomware attack that disrupted check-in and boarding software.
In Japan, a separate cyber-attack paralyzed operations at a container terminal in the city of Nagoya for three days in 2024.
Japan Airlines also suffered a cyber-attack last Christmas, resulting in delays and cancellations of domestic flights.
Despite Japan’s global reputation as a technologically advanced nation, experts have cautioned that the country faces a shortage of cybersecurity professionals and exhibits comparatively lower levels of digital literacy in business software applications.
This vulnerability was underscored last year when officials finally ceased requiring the submission of documents to the government via floppy disks, a technology largely obsolete in the rest of the world since the 1990s.
Cartan McLaughlin, from Nihon Cyber Defence Group, told the BBC that Japan’s susceptibility to cyber-attacks stems from “a reliance on legacy systems and a society with a high level of trust.”
McLaughlin added that many organizations within the country lack adequate preparation for attacks and demonstrate a willingness to pay ransoms, making them attractive targets for hackers.
Speaking at a recent press conference, Japan’s Chief Cabinet Secretary Yoshimasa Hayashi confirmed that the Asahi cyber-attack is under investigation.
“We will continue to improve our cyber capabilities,” he stated.
Earlier this year, the Japanese government enacted landmark legislation granting it expanded authorities in the event of cyber-attacks.
Experts have lauded the Active Cyber Defense Law (ACD), citing its provisions for enhanced information sharing with companies and its empowerment of law enforcement and the Japan Self-Defense Forces to launch offensive cyber operations to neutralize attacker infrastructure.
However, these measures offer little immediate relief to small businesses like Ben Thai restaurant and its patrons.
Owner Sakaolath Sugizaki, along with many others throughout Japan, remains uncertain about the availability of Super Dry in future orders.
Additional reporting by Chie Kobayashi in Tokyo
The regulator has given it “strategic market status”, opening the door to what it calls “proportionate interventions.”
From lectures by Stephen Hawking to the letters of British politician Neil Kinnock – it’s a race against time to save the historical treasures locked away on old floppy disks.
The debate is ramping up about what happens if – or when – computer intelligence overtakes humans
The latest in the military shooter series is a pivotal release for publisher Electronic Arts.
Both Ukraine and Russia use AI in battle, but removing human decision-making comes with risks.