[BreachExchange] Massive cyber-attack could cost Nurofen and Durex maker £100m

Sat Jul 8 00:41:43 EDT 2017

https://www.theguardian.com/business/2017/jul/06/cyber-attack-nurofen-durex-reckitt-benckiser-petya-ransomware

Some of the world’s biggest companies are counting the cost of lost
business following last week’s “NotPetya” ransomware cyber-attack,
with Nurofen maker Reckitt Benckiser taking an estimated £100m hit in
revenue.

Reckitt – which also makes Dettol cleaning products and Durex condoms
– said the attack on 27 June had disrupted production and deliveries
of goods to customers in several countries.

“Consequently, we were unable to ship and invoice some orders to
customers prior to the close of the quarter,” the British consumer
goods company said in a statement on Thursday. “Some of our factories
are currently still not operating normally but plans are in place to
return to full operation.”

Last week’s attack affected some of the world’s biggest corporate
names, including the UK-based advertising group WPP, Danish shipping
company AP Moller-Maersk, and US delivery service FedEx.

Anthony Dagostino, head of global cyber-risk at Willis Towers Watson,
said such attacks were starting to take a greater toll on businesses.
“We’ve really crossed the threshold into new territory regarding
damages sustained from an attack. No longer is it limited to data and
privacy compromise with expenses incurred to remediate the breach. Now
we’re seeing disruption to supply chains and production, material loss
of income, and physical damage becoming more of a reality.”

Reckitt Benckiser said it was still assessing the financial impact of
the attack on the company. “We expect that some of the revenue lost
from the second quarter will be recovered in the third quarter.
However, the continued production difficulties in some factories mean
that we also expect to lose some further revenue permanently.”

The Slough-based company now expects like-for-like net revenue in 2017
to increase by about 2%, down from an earlier growth forecast of 3%.
With the company making almost £10bn in revenues in 2016, that would
equate to about £100m in lost revenue.

It said a new goods and sales tax in India also resulted in reduced
orders from some customers in June. Reckitt’s shares were among the
biggest fallers on the FTSE 100 in early trading on Thursday, down 2%.

Eddy Hargreaves, analysts at Investec bank, said that profits and
turnover would both be hit: “The cost of recovery from the recent
cyber-attack on Reckitt’s operations is still being assessed by
management. But we expect an impact both on top line, through
disruption to production, order handling and logistics, and margin,
through the need to upgrade systems and recover data.”

The company has operations in more than 60 countries and sells its
products around the world, employing about 37,000 people globally. The
sharp fall in the value of the pound since the Brexit vote has
benefited companies like Reckitt Benckiser, because it has significant
operations outside the UK.

Maersk, the world’s largest shipping company, said it had been forced
to redirect ships to alternative locations after the attack on its
computer systems left it unable to dock and unload containers at some
of its ports.

In its latest message to customers the company said its operations
were now “running close to normal again”, but it was still
experiencing some issues such as disruption to phone lines in some
regions.

Charlie Huggins, fund manager at Hargreaves Lansdown, said Reckitt
should recover from the NotPetya attack. “The effects of the
cyber-attack should prove temporary, while some of the other headwinds
holding back sales in the first and second quarter should abate in the
second half. As a result, we expect sales to recover relatively
quickly.

“Cybercrime is fast becoming the number one risk for companies, which
is absorbing greater resources and management time. But the
reputational cost of getting this wrong can be significant so its
vital businesses commit the appropriate resources to reassure
investors.”

Neil Campling, analyst at Northern Trust Capital Markets, said this
latest attack was a wake-up call for firms. “Companies all over the
world will be reviewing the robustness of their hard and soft
procedures to ensure they’ve done everything possible to protect
themselves from hackers and others who might wish to disrupt normal
operations,” he said.