Imagine showing up for work at a food processing plant and finding out that you and all the other staff preparing to start the shift have been locked outside by a group of hackers. While this sounds like the dystopian fare of the show “Black Mirror,” this exact scenario occurred last October at a Schreiber Foods yogurt plant in Richland Center, WI.
While these risks are not new, cyber security became a major topic in the food and beverage industry last year after a series of digital attacks against US firms. Meat processor JBS paid out an $11 million ransom after its operations in North America and were shut down in a hack in May 2021. A Federal Bureau of Investigation (FBI) notice issued in September alerted food and agricultural businesses that cyber criminals are carrying out ransomware attacks against companies in the sector.
“As the sector moves to adopt more smart technologies and Internet of Things (IoT) processes the attack surface increases,” the FBI warned. “Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes.”
At the start of 2022, these issues are likely to remain top of mind for operators of food and beverage processing plants. 40% of consumer products industry executives recently surveyed by Deloitte say their companies plan to make significant investments to improve consumer data privacy and cybersecurity in 2022. Another 45% of executives indicated they will inject moderate investments in those areas this year. To provide a view of how the industry is responding to these ongoing threats, Powder & Bulk Solids highlights several major cyber incidents that impacted food and beverage firms in 2021.
Beverage manufacturer Molson Coors faced a “cybersecurity incident” in March 2021 that caused a “systems outage,” according to a document filed with the US Securities and Exchange Commission (SEC).
“We engaged leading forensic information technology firms and legal counsel to assist our investigation into the incident and we restored our systems after working to get the systems back up as quickly as possible,” the company wrote in the filing. “Despite these actions, we experienced some delays and disruptions to our business, including brewery operations, production, and shipments. This incident caused us to not produce or ship as much as we would have in the first quarter of 2021.”
The document states that Molson Coors spent $2 million on consultants and experts, as well as data recovery, as it was responding to the attack.
“A US Bakery Company”
An unidentified “US bakery company” suffered an ransomware attack last July that interrupted its operations for one week as the firm could not access its server, files, or applications, the FBI detailed in its notice on cyberthreats in the food and agriculture space.
The agency said the hack was the result of “a result of Sodinokibi/REvil ransomware which was deployed through software used by an IT support managed service provider (MSP).”
No information was available on how the incident was resolved. Later in the year, the US Department of Justice charged two Ukrainian citizens with carrying out Sodinokibi/REvil ransomware attacks on businesses and government entities in Texas in 2019. Officials were able to recover $6.1 million linked to alleged ransom payouts.
A ransomware attack bore down on confectionery firm Ferrara – the maker of popular US candy brands like SweeTarts and Nerds – in early October ahead of the busy Halloween season.
Cyber criminals encrypted Ferrara’s computer system on October 9 and asked the company to pay a ransom, The Hill reported. The company told the publication that they immediately initiated efforts to “secure all systems and commence an investigation” on the incident.
The hackers apparently disrupted Ferrara’s operations for several weeks.
“We have resumed production in select manufacturing facilities, and we are shipping from all of our distribution centers across the country, near to capacity. We are also now working to process all orders in our queue,” the company said in a Tech Times article published on October 21. “We want to assure customers that Ferrara’s Halloween products are on shelves at retailers across the country ahead of the holiday.”
It is unclear if Ferrara paid the requested ransom or not.
A “cyber event” temporarily halted operations at all of Schreiber Foods’ dairy processing plants and warehouses last October.
“We have a specialized response team that immediately jumped into action and began to resolve the matter,” Andrew Tobisch, director of communications for the Green Bay, WI-based firm, told ABC News affiliate WBAY. The attack shut down systems used by Schreiber Foods to operate its production facilities and warehouses.
The hackers reputedly sought a $2.5 million ransom from the firm, Wisconsin State Farmer reported. The incident stopped production, shipments, and milk deliveries at its facilities for five days, a company spokesperson said to the publication. Bloomberg noted in a report that the attack on Schreiber Foods’ operations also contributed to a nationwide shortage of cream cheese toward the end of 2021.
How Do Food and Beverage Operations Proceed in 2022?
As food and beverage manufacturers look to improve their assets with advanced connected technologies, companies will have to find ways to move closer to Industry 4.0, while balancing security risks.
Cyberattacks will remain a threat in the business landscape for some time to come. Large and small companies need to take proactive steps to safeguard their operations to ensure that service to customers remains at optimal levels.
As we have seen through the examples above, many food and beverage players are developing their own resources to respond to cyber incidents or seeking help from third-party consultants.