Blog

Understanding Cyber Threats in the Food Manufacturing Industry

Jun 27, 2024

Understanding Cyber Threats in the Food Manufacturing Industry

The food and agriculture industry faced over 160 cyberattacks in 2023, causing supply chain disruptions worldwide. The food manufacturing industry is the seventh most attacked globally; the only reason this industry isn’t higher on the list is due to law enforcement intervention in 2023, intervention that led to crackdowns on some of the biggest ransomware gangs in the world, like BlackCat, Akira, and Lockbit.

But why is the food manufacturing industry so prone to cyberattacks? This is because the food manufacturing industry is just beginning to be digitized, with many producers using legacy IT tools to manage their operations. These tools leave room for cybercriminals to find a way in.

As the food manufacturing industry becomes more digitized, cybersecurity needs to be taken more seriously to patch vulnerabilities and avoid any threats to the global supply chain as we know it.

The food manufacturing industry has recently experienced several cyberattacks:

  • Dole faced a sophisticated ransomware attack in 2023, where attackers were able to access the employee data of almost 3,900 US workers. Dole’s operations were heavily impacted, with an estimated loss of $10.5 million.
  • Sysco’s servers fell victim to a data breach in January 2023 which went undetected until March 2023. It is estimated that attackers accessed the data of over 126,000 individuals including employees, suppliers, and customers. compromising personal information such as names, social security numbers for US employees, and account details.
  • Mondelez, the corporate giant behind Oreos, faced a data breach that was discovered in February 2023, where attackers targeted its law firm, Bryan Cave. This affected more than 50,000 current and former employees, with the extent of the damage taking months to determine.

 

Cybersecurity Vulnerabilities Within the Food Manufacturing Industry

Cyberattacks across industries like financial and retail sectors are harder to pull off because of how secure those sectors have become. As such, cybercriminals have now shifted their attention to industries like the food manufacturing industry that seem more vulnerable due to various factors.

  • Increased reliance on technology in food manufacturing and agriculture: Agricultural machinery, data collection tools, and even food processing facilities are being integrated with internet-connected devices. If these devices aren’t properly secured, they can be hacked, manipulated, used to disrupt operations, or even contaminate food supplies.
  • Combining legacy systems with new tech: The industry is increasingly reliant on interconnected devices and automated systems. Many facilities still use older, less secure systems alongside newer technologies. Most legacy systems aren’t up to date on newer security measures and integrating them with new technology can create security gaps that hackers can exploit.
  • A lack of security awareness and resources: Many farms, especially smaller ones, may be unaware of the cybersecurity threats they face. Even if they are aware, they may lack the financial resources to invest in robust cybersecurity solutions.
  • Supply chain weaknesses: Food manufacturing often relies on a complex network of suppliers and vendors with many moving parts. A security breach at a third party can leave the entire chain vulnerable, as was the case of the cyberattack on Mondelez last year. Instead of directly attacking Mondelez, hackers were able to gain access to their data by targeting its law firm instead.

 

Possible Avenues for Cyberattacks in the Food & Beverage Industry

Any attacks faced by the food manufacturing industry may have far-reaching consequences such as food safety risks, disruptions to global supply chains, tampering with testing and food quality data, the potential to have counterfeit produce introduced into the supply chain, and more. The global food and agriculture supply chains and their continued smooth operations are key to humanity’s well-being as we know it. It is incredibly crucial for stakeholders to be aware of any possible threats to the global food supply chain.

 

Malware and Ransomware Attacks

Malware and ransomware are malicious software programs that act as digital parasites, infiltrating computer systems and disrupting critical functions.

Malware can infect industrial control systems, leading to the manipulation of irrigation systems or the malfunction of food processing equipment. An attack like this can compromise crop yields, contaminate food products, or even trigger safety hazards.

Ransomware encrypts vital data, holding it hostage until a ransom is paid. This can break operations within a food and agriculture company, preventing access to production data, financial records, and intellectual property. The NotPetya attack on Maersk, a global shipping giant, tells us just how much damage ransomware attacks can do to a corporation.

The high-profile attacks on JBS, a leading meat processing company, Hood Dairy, and Dole in recent years all show how vulnerable some of the biggest names in the food manufacturing industry have been to these attacks.

 

Supply Chain Attacks

The food industry’s interconnected supply chain leaves it vulnerable to attack at every step. Hackers exploit weaknesses in supplier or distributor networks to disrupt operations, tamper with products, or manipulate logistics. The 2020 SolarWinds attack, impacting 18,000 organizations through a compromised software update is an example of supply chain attacks.

 

Social Engineering Attacks

Social engineering preys on human trust and vulnerabilities to infiltrate systems. Phishing emails, fake phone calls, and even infected USB drives left at trade shows are all tools used by attackers to gain access to valuable data. Attackers can impersonate suppliers, regulators, or even colleagues to gain trust and manipulate victims. Once attackers are inside a company’s network, they can install ransomware, gain control of everything from the outside, leak or steal data, tamper with important information, and so much more.

 

Insider Threats

In this mode of attack, a malicious insider can steal intellectual property or take advantage of their access and position to sabotage company operations on a potentially massive scale. Strict access controls and employee awareness programs are usually your best bet to prevent this kind of attack from happening.

 

DoS or DDoS Attacks

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks overwhelm networks with a barrage of traffic, rendering them unusable for legitimate users. Traditionally, these attacks used to target online services, but now they’re evolving. Operational technology (OT) systems, the backbone of modern agriculture, have now become targets as well.

These attacks can disrupt critical operations by locking you out of equipment control systems or shutting off sensor networks, leading to crop losses, processing delays, and financial strain. Securing OT systems and implementing robust network defenses are essential to keep your organization safe from DoS or DDoS attacks.

 

Advanced Persistent Threats

Advanced persistent threats (APTs) are usually carried out by government-backed entities who methodically infiltrate systems, aiming to steal valuable data. In the food and agriculture sector, APTs might target R&D secrets, customer information, or supplier networks. While large-scale sabotage isn’t their usual game, recent events show they’re not above targeting growers and producers. Food security has become a national security issue, demanding robust defenses against these sophisticated threats.

 

IoT Attacks

The Internet of Things (IoT) devices are now commonly used in food production, with sensors and other hardware collecting data across the farm. However, these smart gadgets can become weak links. Hackers can exploit vulnerabilities to steal data, disrupt operations, or even manipulate crop yields. Drones and other technology now commonly found in most agricultural setups can be hijacked and used in large-scale attacks like this.

 

What to Expect if Your F&B Company is Under Cyberattack

When attackers gain access to any link of the supply chain, both data and food safety can be compromised. Attackers can manipulate, alter, or erase data from food testing and production dates. This can lead to poor quality or harmful food being put in circulation, or it may result in widespread recalls to protect the public. These recalls often come at huge costs for the company.

In addition to shortages, supply chain disruptions can lead to counterfeit products in the market. Risks for the consumers aside, corporations that face these attacks are forced to bear heavy financial losses and a major hit to their reputation.

 

Securing Your Company From Cyberattacks

Ensure compliance with cybersecurity-related laws and regulations within your organization. This is just as important as it is to develop and maintain a culture that revolves around cybersecurity and awareness.

Educate all your employees on the importance of robust security practices and the importance of rigorous authentication, access, and data security protocols. Periodically train your employees on the latest cybersecurity best practices.

Invest in powerful intrusion detection systems (IDS) and security information and event management (SIEM) solutions to detect and respond to cyber threats promptly. The proper implementation of these systems is crucial.

We provide network defense systems, endpoint protection, and security inspections. When faced with a cyberattack or malicious intrusion into your systems, contact local law enforcement authorities and collaborate with relevant experts like TXOne to ensure that the interests of all stakeholders and the general public are protected.

 

Achieve the perfect blend of OT cybersecurity for your food & beverage organisation - TXOne Networks

TXOne image
TXOne Networks

Need assistance?

TXOne’s global teams are here to help!

or
Find support