THERE might have been a time when hacking into a food or agricultural company's system was far from a hacker's mind. Why threaten a company that provides a basic need? But this is simply just a rhetorical question. Because just like any other business, food companies have to protect their data and operations, and more so because if they don't, the health and safety of their consumers could also be at risk.
While the adoption of IoT and smart technologies is paving a future that ensures efficient operations, better processing, and safer products, it has exposed F&B companies to sophisticated cyber criminals. Many manufacturers are falling victims to these crimes, and the threat to the food supply chain persists as long as systems are easy to breach. The only way forward is to continually strengthen their cybersecurity.
To understand the issues, we talked to Vijay Vaidyanathan, who is currently the Regional Vice President – Solutions Engineering, APJ at the industrial cybersecurity company, Claroty.
Why are food companies easy to target?
The food manufacturing industry has low maturity in terms of cybersecurity and such incidents highlight the urgent need for food companies to prepare for and learn to manage cyber-related risks. That includes risks from information technology (IT), operational technology (OT) such as industrial control systems (ICS), and importantly, from the convergence of IT and OT networks as a result of digital transformation. This is especially pertinent in environments where vulnerable legacy technology exists, as any downtime could result in huge ramifications for the company and the public at large, as was the case with JBS Foods.
According to the Cybersecurity Agency of Singapore, nearly 40% of cyberattacks in Singapore target small and medium enterprises. The most common methods were phishing attempts and ransomware. Just like big companies, SMEs are going digital in the industry 4.0 environment, they may become vulnerable to cyber threats such as phishing attacks, defacements, and ransomware. For many lean SMEs, being hacked would mean that normal operations would come to a halt. This may then result in revenue loss and negatively impacts the company's reputation.
What can hackers manipulate?
Cyberattacks have evolved beyond theft of data to disruption of physical assets with consumer impacts. Hackers often encrypt data on systems and demand ransom to decrypt it, but in some cases, the primary targets have shifted from the data alone to consumer-facing services.
Hackers have the following motivation: damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.
What are the entry points?
At first, hackers identify a vulnerable target and explore how to exploit it. Outdated OT is especially vulnerable – designed without security in mind and often incompatible with much of today's IT software and security tools — as these can cause major operational outages and complete shutdowns if compromised.
Why should or shouldn't F&B companies think twice about going digital in the face of growing cyber security threats?
Digital transformation in the F&B industry is imperative because it enables innovation and replaces outdated and analog processes with modern, fully integrated technology. Doing so immediately reduces or eliminates the inaccuracies, delays and lost data associated with manual processes. The COVID-19 pandemic has put supply chains to the test and in many instances delays and shortages occurred, making clear the weaknesses in their current models.
Comments
Post a Comment