The admission of global consumer goods giant Reckitt Benckiser that a recent global cyber attack cost it millions in revenue should be a wake-up call to all businesses that nobody is immune, warns an Irish cyber security expert.
Dublin-based Ward Solutions chief executive Pat Larkin said companies are finally beginning to accept that cyber security is necessary and not a luxury following recent attacks such as WannaCry in May and a June 27 attack that hit several major companies, along with Russia’s biggest oil firm and Ukrainian banks, disrupting ports from Mumbai to Los Angeles and halting production at factories.
Reckitt, which makes Dettol and Lysol disinfectants, Nurofen tablets, and Durex condoms, said it estimated like-for-like revenue in the second quarter would fall 2% from a year earlier because of the attack, which hit three days before the quarter ended.
The virus significantly hit output at many of the company’s more than 60 factories and hurt a global supply chain by affecting systems that manage orders, billing, and shipping.
Excluding that impact, and tax changes in India that hurt sales to a lesser extent, second-quarter sales would have been flat, said the company.
Reckitt’s shares fell more than 3% yesterday to their lowest since May 19 following the admission.
The cyber blindside came at a bad time for the firm after its weakest performance in 15 years in the first quarter, when a collapse of its business in South Korea and a failed Scholl product innovation left sales unchanged.
Reckitt has described 2017 as a “tale of two halves”, saying the second half would improve as comparisons with the year-earlier period get easier.
Security experts say the NotPetya virus hit a popular accounting software used in Ukraine, which is likely where multinationals, including Moeller Maersk, Mondelez International, and Reckitt were first infected before it spread globally through their networks.
Mr Larkin said: “When something like this happens, typically there is an impact not just on the business but on the share price and the perception of the overall brand.
“We are seeing organisations which have suffered significant downtime in their core business. We’ve seen it happen to Honda when WannaCry struck. Taking cyber security seriously is a message we are preaching constantly.”
He said the perception from a lot of boards has traditionally been that incorporating cyber security protocols is too costly an expense.
“If those businesses do a proper cost assessment, then they see that there are real consequences for the business if an attack occurs. It can lead to a loss of customers, a perception of amateur security procedures in place and it can even shut businesses down. Customers need confidence in a business,” said Mr Larkin.
He said the trend is finally beginning to change. “The tide has turned. Cyber attacks are a fact of life and they are constant. Organisations have to prepare accordingly,” he said.
Reckitt could not confirm the virus’s starting point — only that it spread around the world in just 45 minutes. A company spokeswoman said there was no evidence to suggest Reckitt had any particular vulnerability in its system.
Additional reporting: Reuters
© Irish Examiner Ltd. All rights reserved