Modern cybersecurity must go beyond IT to protect the industrial control systems at the heart of the food and beverage manufacturing process.
When we buy groceries at the supermarket, most of us check the ingredients and expiration dates of packaged goods.But, how can we be sure the products we bring home are safe to eat and drink?
The impact of a tainted product reaching the market can have devastating effects on both public health and brand reputation. Food companies spend upward of $55 billion every year on legal, healthcare and lost productivity costs associated with operational blunders.1 As part of the Food Safety Modernization Act (FSMA), the U.S. Food and Drug Administration (FDA) requires companies to implement mitigation strategies that protect against intentional adulteration – the first bill in the U.S., and one of the most aggressive globally, to address issues of “food defense.”
Food safety can be compromised by various sources, from disgruntled employees to politically motivated sabotage and even acts of terrorism. If perpetrators gain access to the industrial control systems (ICS) that manage production and distribution, they can wreak havoc on the food supply chain, unleashing a wide range of safety and operational hazards.
Unfortunately, most food and beverage companies still overlook the cyber threats inherent to their industrial control processes – leaving them vulnerable to a crippling attack at a moment’s notice.
The staggering costs of an ICS breach
Cybersecurity goes beyond IT security and industrial network segmentation. It must also protect the ICS at the heart of the food and beverage manufacturing process. These systems control production quality and recipe execution. They manage everything from the mix of ingredients to the temperatures at which food is processed and stored prior to shipping.
Any unauthorized change to an ICS controller – due to a sophisticated cyberattack or an innocent human error – can result in the production of tainted and unhealthy products. The collateral damage of one breach can be irreparable.
Discarding a production batch due to incorrect ingredient ratios, altered sugar levels or raised milk temperatures, for example, can cost manufacturers millions of dollars, not to mention the dire consequences if those contaminated products reach the market. In early 2017, when more than two dozen children became sick with E coli-related illnesses after eating SoyNut Butter, both the parent company and its manufacturer filed for bankruptcy months later.2
Effective food safety dictates zero tolerance for unintended changes to manufacturing processes. In the event of a safety issue, food and beverage companies have no choice but to shut down the relevant production line until the problem is sorted out.
For global manufacturing customers, the cost of shutting down a single production line can run upward of $65,000 per hour, or more than $1.3 million per day, in lost revenues. As food and beverage manufacturers typically operate 24/7, across multiple production lines, downtime costs due to an ICS-related cyber incident can quickly pile up, straining companies from much-needed revenues.
Connected technologies are a double-edged sword
ICS networks are more vulnerable to cyberattacks than their IT counterparts. This is because most industrial controllers were designed decades ago, well before cybersecurity became a critical concern. ICS networks face the same cyber risks common in IT environments, but suffer from an absence of basic security controls and the lack of automated asset management capabilities.
These security gaps become more urgent each day, as food and beverage manufacturers rely on automated ICS to process, store and manage large product volumes. In recent years, the industrial internet of things (IIoT) has introduced new wireless sensors and remote devices into these systems to improve supply chain analytics and enable predictive maintenance.
While automation and connectivity increase productivity and allow companies to focus on innovation, they also create new security challenges, by exposing unprotected ICS. We can attribute the risks to the following factors:
- Operational technology (OT) networks were not designed with security in mind, meaning industrial controllers are not typically protected with authentication, encryption, authorization or other modern security mechanisms.
- A successful cyberattack on an OT network could have product quality and safety implications as well as financial, legal and environmental ramifications.
- OT networks are more difficult to monitor because of their proprietary protocols, network isolation and lack of security or monitoring tools.
Compounding the cyber threat, control systems within a food manufacturing facility are often integrated with other IT systems, such as administration, finance and resource planning (e.g., ERP). A breach of any IT or OT device puts the entire ICS network at risk.
Internal vs. external security threats
Food defense experts have warned of the industry’s exposed ICS as low-hanging fruit for traditional hackers, cyber criminals for hire and even nation-states.3 But, while external cyberattacks and data breaches often make news headlines, most manufacturers see their main threat coming from insiders.
Within this category, the leading cause of operational downtime is human error, followed by malicious insiders who can also tamper with these systems.
Innocent mistakes and negligence on the part of trusted employees, contractors and integrators – such as making changes to the wrong programmable logic controller (PLC) or incomplete maintenance of a distributed control system (DCS) – can trigger a variety of disruptions, downtime and tainted products.
Cyber risk awareness is the first step to prevention
Until recently, most food and beverage companies exhibited little awareness regarding the cyber risks to food safety and manufacturing processes. This is partly due to the shortage of reporting on cybersecurity events within the industry. The FDA also overlooked the role of cyber in its official guidelines on food defense, reinforcing the perception of low risk.
The truth is cyber threats pose a serious risk for the food industry. They can disrupt manufacturing processes, take down a production line and endanger the public. The financial impact of such an incident can easily run into the tens, even hundreds, of millions of dollars.
To secure the food supply chain against cyber threats, companies need a multipronged approach that includes the following measures:
- Full visibility across your converged IT/OT operations. Discover and track every asset on your network in real time, closing the gaps where someone could intrude or bungle a key industrial process. Be sure to capture every connected device, even dormant wireless headsets or water leak sensors that can provide a highway for hackers to commandeer your industrial mixing tank.
- Identify vulnerabilities before they become exploits. Use detection methodologies to mitigate threats at every point in your supply chain, from procurement to processing to delivery. Actively managing this attack surface is the only way to reduce your exposure to catastrophic legal, financial and reputational risk.
- Maintain full audit trails for every configuration change. With hundreds of network patches and software updates issued every day, manufacturers need to continuously scan their networks for local changes on devices and detect anomalous behavior. Developing a granular history of every change across your network will enable faster recovery of the “last known good state” when a breach affects your network.
By appreciating the full scale of the cyber threat, the food and beverage industry can avoid devastating shocks to the supply chain, manufacturers can focus on product innovation and consumers can shop with confidence.
Want to learn more about how to protect your food supply chain from cyber threats? Check out Tenable's ICS cybersecurity checklist.
1. “Why Our Food Keeps Making Us Sick,” Fortune, May 2016
2. “FDA shuts down soy nut butter maker linked to E. coli outbreak,” Food Safety News, March 2017
3. “Does a HACCP-Based Food Safety Culture Provide Solutions?,” Food Safety Magazine, September 2017