By Dave Cullen, Field CTO, OTORIO
Food producers and beverage makers have become some of the preferred targets of ransomware attackers. One year ago, a suspected nation-state ransomware attack against the world's largest meat-packing plant, JBS, disrupted the global food supply chain, shut down operations in the United States, Canada, and Australia, and resulted in the company making an $11M ransomware payment. It is important to remember that CISA deems the Food and Agriculture sector part of America's critical infrastructure, together with more than a dozen other industries like oil and gas, healthcare, and utilities.
Read how OTORIO's oil and gas cybersecurity solution ensures operational continuity.
Almost every company can be targeted by ransomware. On the one hand, automating assembly lines and utilizing robots help ensure effective production. But they also introduce cyber and digital risks by expanding attack surface areas. Food and beverage manufacturers must adopt effective risk management to secure their operational technology (OT) and converged OT-IT-IIoT network environment, protect their production facilities, defend against ransomware attacks, and protect the security lifecycle of their production machinery. Reactive responses will be too late. That is why it is critical to prioritize vulnerabilities and contextualize risks to secure the OT and converged network environments that cyber criminals consistently target.
The world's food and agriculture supply chain is repeatedly attacked at all levels. In May 2022, a ransomware attack affected AGCO, a U.S.-based global manufacturer and distributor of heavy agricultural machinery. The company acknowledged that this security breach "impacted some of its production facilities," and that its "business operations w[ould] be adversely affected for several days and potentially longer." AGCO's brands include Massey Ferguson®, Fendt®, Gleaner®, and other essential agriculture machines.
These security breaches can affect not only agricultural machinery manufacturing operations. They can also impact farms and farm cooperatives that depend upon tractors, combines, and balers to harvest and supply the world's food, as well as food and beverage industry manufacturers' businesses and production lines that rely upon fresh, healthy, and available supplies of ingredients.
A MITRE report concluded in 2021 that "the pandemic exposed the fragility of the U.S. food supply chain." In April 2022, the FBI issued a Private Industry Notification warning that ransomware threat actors were "more likely to attack agricultural cooperatives during critical planting and harvest seasons." Over the last two years, ransomware attacks against producers and manufacturers in the food, beverage, and agricultural industries show that these concerns are well-grounded.
In addition to the JBS attack, the largest candy corn manufacturer in the U.S. was hit with ransomware in 2021 before its critical Halloween season. UK-based KP Snacks, a business unit of one of Europe's leading savory snacks producers Intersnack Groups, had deliveries disrupted when it fell victim to ransomware in February 2022. A month later, HP Hood Dairy, the Massachusetts-based producer of Lactaid® milk products, responded to a ransomware attack by taking its plants offline, disrupting supplies.
Beverage makers are also regularly targeted. A 2021 cyber security attack against Molson Coors affected the company's brewery operations, production, and shipments, according to an SEC filing by the brewer. The Campari Group reportedly became a ransomware victim of the Ragnar Locker ransomware gang. In November 2021, Spain's second-largest beermaker Damm shut down one of its production facilities after acknowledging that it was "entirely paralyzed" by the cyber attack.
The world's food supply chain relies on manufacturing facilities to keep their networks and equipment safe from attacks. It is essential to prioritize OT and IT security concerns, as breaches can impact business continuity and production operations.
Hackers can breach farming equipment, install malware or ransomware, and disrupt agriculture machinery production at will. These security breaches can impact farms and farm cooperatives that depend upon tractors, combines, and balers to harvest and supply the world's food, as well as food and beverage industry producers whose businesses and production lines depend upon a steady supply of harvested ingredients.
No network is impervious to cyber attacks, and any system can be targeted with ransomware. Manufacturers must conduct regular assessments and in-depth risk analyses of their OT and IT asset inventory to identify areas of risk and take steps to close any potential vulnerabilities.
In a 2021 letter, Anne Neuberger, the U.S. National Security Council's top cyber official, told the White House, "No company is safe from being targeted by ransomware, regardless of size or location. Companies must be proactive."
For food producers, beverage makers, and agribusinesses, that means taking steps to manage risks effectively. Reducing vulnerabilities to OT security and converged OT-IT-IIoT networks can enhance a company's security posture, reduce the risk of ransomware attacks, and help prevent disruption. Managing and mitigating OT security risks can help protect against ransomware attacks. Ongoing vigilance via automated OT security measures can limit risk, reduce the likelihood of ransomware demands, help ensure business continuity, keep production operations ongoing, and help secure the global food supply chain.
To help meet these challenges, OTORIO provides agriculture manufacturers with a combination of technology and advanced OT cyber security services, including risk assessment, segmentation evaluation, penetration testing, and incident response. Contact us to discuss your food production, beverage manufacturing, or agribusiness manufacturing concerns. We'll show you ways to effectively manage and reduce OT security and ransomware risks to your business operations and production facilities.
Recent Posts