Cyberattacks in the Food Industry: A Recipe for Potential Disaster

07 Nov 2023

Increased use of Technology Exposes Cybersecurity Vulnerabilities

The last few years have seen an increase in food prices due to the global pressure brought on by multiple world events. As the food industry grows, while simultaneously attempting to cut costs, technology is playing a greater role in food production and delivery. The growth within the industry, which is considered critical infrastructure by the United States Cybersecurity and Infrastructure Agency (CISA), has increased the attack surface for nefarious actors.

All points within the food supply chain have increased their use of technology. Farms have added more technology to monitor and tend to crop and livestock, saving them time and money. Cyberattacks targeting farm systems could lead to over-watering, under-watering, incorrect livestock feeds, and other issues resulting in food being lost. At scale, this could cause a problem for the food industry.

Machinery is often used in a food processing facility to mix ingredients according to a pre-defined recipe. These automated systems are trusted to correctly mix the products and hold the company's production secrets. A cyber incident could cause the loss of the recipe information or products being incorrectly made, either of which could damage the reputation of the company or cause products to be recalled.

Governments are always looking for fast and reliable ways to deliver up-to-date information to the public. This also applies to the food industry where applications are used to notify the public of recalled food products. An application such as this, while sharing information, could also be manipulated to change or withhold potentially life-altering information.

The threat facing the major food processors was on full display in late May and early June of 2021 when the American division of an international meat producer was the victim of a REvil ransomware attack carried out by Russian cybercriminals. The company paid $11 million USD in ransom to help regain functionality. As a result of the attack its facilities around the world were on standby, causing shortfalls in meat production and uncertainty in the pricing market. 

Canada's largest prepared meats and poultry producer was added to ransomware gang Black Basta's leak site, stemming from a cybersecurity incident that took place in November 2022. The company's facilities opened the day after the attack, however there were still system issues and some manual workarounds were required.

In February 2023, North America customers of one of the world's largest producers of fruit and vegetables posted images and complaints on social media after they found the shelves bare of some of their favourite products after the food giant suffered a ransomware attack. It is unclear how long their systems were down, however stores were able to restock shelves within a few days, but not before customers were able to try a different brand.

Food processors aren't the only targets within the food industry, consumers have also been targeted in restaurants and stores with malware that steals financial information when payments are made. Most fast-food establishments have added online ordering to better serve their customers, which unfortunately gave attackers a vector to steal 50,000 credit cards from 300 U.S. restaurants in July 2022. In this incident, three online ordering portals had scripts injected into their checkout pages.

A ready-made meal supplier in the U.K. that supplies care homes, hospitals, schools, charities and local authorities, suffered a cyberattack in June 2022 causing some of those food deliveries to be delayed.

Technology has made the lives of food processors, manufacturers, and consumers easier and more profitable. Protecting the entire food supply chain is fundamental to a functioning society. Failing to properly protect systems anywhere along the chain can have a wide range of consequences including lost revenue and other costs due to the impacts of a cyber incident, lost time, and potentially dangerous food.

Intertek's network security businesses have more than 30 years of experience in all facets of cybersecurity, across all types of organizations, from multinational insurance companies and automotive manufacturers, to mining operators and public sector bodies and universities. With a team of 150 professionals, Intertek can support your requirements across the globe. From our centers of excellence in the UK, Canada and Malaysia our teams are well equipped to serve clients in Europe, North America and South East Asia. Learn more about our Network Security Certification services for organizations.