I never imagined that a 150-year-old chocolate company could be brought to its knees by a few clicks on a computer. As the head of IT for Ganong Bros. — Canada’s longest-running family-owned candy manufacturer, established in 1873 — I’ve overseen everything from upgrading our aging inventory systems to keeping the Wi-Fi humming on our factory floor. But nothing prepared me for the morning of February 22, 2025, when a ransomware attack suddenly locked our systems. In that frantic moment, amid the aroma of cocoa and boiling sugar, I realized our sweet operation had turned into a cybersecurity nightmare.
Discovery in the heart of production
It was a bitterly cold Saturday in New Brunswick, and our St. Stephen plant was operating on limited shifts, preparing spring orders. I was at home when I got an early phone call from a production supervisor: “Something’s wrong — the computers in packaging froze and there’s a strange message on-screen.” My stomach dropped. Remotely logging in was impossible; our network was unresponsive. I rushed into the facility to find critical servers encrypted and a ransom note blinking on our monitors.
We later determined the attack had begun earlier, stealthily spreading through our network. By the time we “discovered” it on February 22, malicious code had already crippled several systems. Operations ground to a halt — our automated mixing and wrapping machines were fine mechanically, but without the digital controls and production schedules, we couldn’t safely continue production. Access to our order database and email was cut off. In an instant, our historic chocolate factory was knocked back into the 19th century.
