Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Cybersecurity in Food Processing: A Hidden Battle for Safe Sustenance

According to research, 2020 saw cyberattacks against the food and agriculture sector increase by 607%, with even the FBI paying close attention. But why does this happen? 

Today, we’ll discuss just that, as well as six unique challenges confronting this sector, with the goal of underlining the potentially disastrous impacts of cyberattacks on global food security. In addition, we will go over a fact-based examination of these threats' evolution and the industry's corresponding responses. 

We aim to shed light on the clandestine battles waged in the pursuit of safe sustenance to avoid a potential global disaster. By emphasizing the indispensability of robust cybersecurity at each stage of the food processing chain, we seek to equip industry stakeholders and cybersecurity professionals with crucial insights and actionable strategies.

Why is the Food Industry Targeted by Cybercriminals?

Ever since the financial and retail sectors shored up their cyber defenses, threat actors have shifted their focus to other industries, targeting governmental systems, construction companies and healthcare organizations. 

A lack of cybersecurity is the main reason for this, which stems from either a lackadaisical attitude or a simple unwillingness to invest. However, even these industries sought proper solutions, which left food processing businesses as the most vulnerable targets. 

Cybercrime groups across the US and indeed the world regularly target them, and it’s not just to steal data or intellectual property.  For example, a hacker might want to access storage or distribution systems to feed counterfeit products into a large-scale supply chain overseas, potentially releasing unsafe products to the population and causing irreparable damage to the brand. 

3 Underestimated Cyber Vulnerabilities Within Our Food Supply Chain 

The food industry can be targeted by cybercriminals in numerous ways but there are 3 primary methods that can be deemed the most underestimated. 

Phishing Emails 

Phishing is an attempt to trick a user into clicking a link in a bogus email or text that aims to disguise itself as coming from a legitimate and trustworthy source. In the case of the food industry, spoof emails have been a popular tactic for cybercriminals, containing links that take the user to a fake website or download malware onto their machine. 

Spoof emails in particular have become more sophisticated in recent years, making them harder to spot. By appearing to have been sent from an employee within your organization or a third-party company in the supply chain, it’s easy to see why these fake emails wreak so much havoc. 

For example, a spoof email may appear to have been sent from the accounts department of a company in your supply chain, containing an important document that needs to be reviewed. 

Ransomware

Ransomware is perhaps the most versatile tool that cybercriminals use, and can thus be used on companies in the food industry. It works in conjunction with phishing emails and other types of cyber attacks. After a threat actor gains access to key operational systems, they lock or encrypt them, refusing to allow the victim access until they pay a certain sum of money. 

Notably, Canadian company Maple Leaf Foods suffered $16.6 million worth of damage in 2022 after they refused to pay a ransomware gang. In 2023, Dole Food Company suffered a similar attack, resulting in losses of $10.5 million and a temporary stop to their operations. And these two food industry giants are far from the only ones to fall for this. 

Automated Systems 

Automated systems also present considerable risk as they control key operations, such as valve control mechanisms, temperature monitoring, and regulating food additives. If not monitored by humans properly, they become a perfect attack vector.

This type of attack can cause public alarm and long-lasting damage to a company’s reputation, and it’s mainly because of laziness. Even though research indicates that machine learning is set to grow at a yearly rate of 39% until 2029, businesses should refrain from overreliance on AI/ML solutions until they’re tried, tested, and verified by reputable third parties. 

Cybersecurity in Food Processing: 6 Challenges 

In this section, we have outlined six core challenges that the food industry faces, including common misconceptions and a lack of awareness.

  1. Many SMEs in the food industry believe they will not be targeted by cybercrime due to their size, however, smaller businesses are targeted just as much as larger organizations. This is often in the form of spoof emails.
  2. Cybercrime is becoming very accessible and isn’t exclusive to experts. This is because malware creators often find it more lucrative to sell their tools and services to individuals who may have identified a potential vulnerability. This is why it is crucial to assess the total attack surface of a business, including internal personnel.
  3. Decision makers sometimes believe that because their IT and cybersecurity needs are outsourced it isn’t something they need to worry about. Unfortunately, IT service providers are regularly subjected to cyber-attacks which could impact their clients.
  4. A lack of security training can result in employees being unaware of potential threats, increasing the likelihood of a successful cyber-attack or data breach. All members of staff, from IT to admin should receive cyber resilience training to spot the telltale signs of a cyber attack, as cyber resilience is only truly possible through complete vigilance from everyone in the company.
  5. Many businesses in the food industry deploy Internet of Things (IoT) devices to help manage operations and establish constant communication. These devices can sometimes be targeted as they can sometimes rely on poorly designed, unsupported, or outdated software. This type of vulnerability is often overlooked during a security audit.
  6. As internal production processes can sometimes be integrated with external data systems and networks, businesses must ensure any connection is fully secured using technologies such as a managed firewall, monitoring systems, and a VPN.

Industry Response: How Can the Food Processing Industry Protect Itself From Cyber Threats?

The food processing industry must take measures to equip itself properly in an attempt to combat the threat of cybercrime. A comprehensive cybersecurity strategy consists of three main components, education, technology, and environment. This involves employee training, advanced security software, and effective processes to protect data and systems.

Below is a checklist of important security actions that should be taken by all businesses that operate in the food industry:

  • Ensure all devices, software, and systems are fully up-to-date, installing the latest security patches to avoid threats such as a zero-day vulnerability. 
  • Go for bespoke software whenever possible. Due to the sensitive nature of food processing operations, businesses can’t afford to cheap out when it comes to workflow-essential apps. Even a simple thing, such as document conversion, shouldn’t be done without a secure PDF solution. A truly PDF solution will come with electronic signature capabilities that allow you to securely sign and share documents. Oftentimes, it’s the software provider that’s the main vector.
  • Implement password management processes to make sure all network users have strong passwords that cannot be cracked. Likewise, employees with access to sensitive data should be encouraged to frequently change their passwords.
  • Use multi-factor authentication to add an extra layer of network security. This can be either biometric verification or a custom, purely internal system.
  • Use a managed firewall and a VPN to protect any connections between internal and external systems. Monitoring systems can also provide alerts in real-time should any suspicious activity be detected on the network.
  • Conduct frequent security training to inform all members of staff in regard to cybersecurity best practices and threat awareness. This includes company-wide workshops and perhaps one-to-one training for staff members who have higher access permissions.

Conclusion

Cyber attacks on the food processing industry have seen a dramatic increase, with hackers and scammers moving their attention from industrial control systems to food processing businesses of all sizes. This is due to a lack of security which is thought to be prevalent across the industry. Common vulnerabilities, such as phishing emails and ransomware cause millions in damage each year.

Fortunately, with sufficient investment in technology and training, and by adhering to security best practices, businesses can effectively protect their data and systems. By following the steps in this guide, they can reduce the possibility of a data breach or security issue that could put the public at risk and cause irreparable reputational damage.

Nahla Davies
Nahla Davies
Nahla Davies is a software developer and tech writer. Before devoting her work full time to technical writing, she managed—among other intriguing things—to serve as a lead programmer at an Inc. 5,000 experiential branding organization whose clients include Samsung, Time Warner, Netflix, and Sony.

Related Posts

Industrial Control Systems Certification

An increasing number of intentional attacks are being detected that target industrial control systems (IC...
Nikhil Kapoor Jun 7, 2024 7:00:00 AM

Most Cybersecurity Teams Are Unprepared for AI Cyberattacks

Cybersecurity teams aren’t the only ones using artificial intelligence to their advantage — cybercriminal...
Zac Amos May 31, 2024 4:02:28 PM

Protecting Vital OT Infrastructure: Key Strategies for OT Penetration Testing

Operational technology (OT) cybersecurity faces significant challenges in maturing its operations and pro...
Mohannad AlRasan May 24, 2024 4:44:16 PM