Food Safety
search
cart
facebook twitter linkedin
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Food Safety
  • NEWS
    • Latest News
    • White Papers
  • PRODUCTS
  • TOPICS
    • Contamination Control
    • Food Types
    • Management
    • Process Control
    • Regulatory
    • Sanitation
    • Supply Chain
    • Testing and Analysis
  • PODCAST
  • EXCLUSIVES
    • Food Safety Five Newsreel
    • eBooks
    • FSM Distinguished Service Award
    • Interactive Product Spotlights
    • Videos
  • BUYER'S GUIDE
  • MORE
    • ENEWSLETTER >
      • Archive Issues
      • Subscribe to eNews
    • Store
    • Sponsor Insights
  • WEBINARS
  • FOOD SAFETY SUMMIT
  • EMAG
    • eMagazine
    • Archive Issues
    • Editorial Advisory Board
    • Contact
    • Advertise
  • SIGN UP!
ManagementFood Defense

Many Future Food Defense Problems Will Begin with Cyber

June 5, 2018

Imagine that you work for Acme-Z Food Corp. You go to your computer, only to find you are locked out of all your files and systems, which are being held for ransom. How much would you pay to get those files back? What would happen to your company if the accounts, the proprietary information, the records, the formulas, the recipes, and even the control software for your systems were gone—forever?

Are cyberattacks an existential threat? The answer, unfortunately, is yes. Cybersecurity is one of the elements that can make or break your business.

A Nightmare Come True: Atlanta
On March 22, 2018, the city of Atlanta suffered a targeted ransomware attack that shut down the city’s online systems and digital services. Researchers identified the ransomware as “SamSam,” a particularly vicious malware that infiltrates a system by exploiting an open vulnerability. After a successful breach, the malware quickly propagates within the infected system by utilizing common exploiting/hacking tools, enabling it to easily spread to adjacent systems.

Previously, SamSam has been used to target state government infrastructures and the healthcare industry. Researchers surmise that victims are predetermined and targeted. Put differently, adversaries were looking at Atlanta, exploring the city’s systems, looking for the things that make Atlanta’s systems vulnerable.

The attack on Atlanta disrupted a number of the city’s processes, activities, and services. Citizens were unable to pay water bills, police officers had to hand-write and manage reports, and government employees had to complete and file paperwork by hand. Beyond the actual ransom that Atlanta very quietly paid, there no doubt were costs associated with loss of time and extra effort for the victims.

The attack was motivated by greed. That being said, there may have been other motivations. Some adversaries, nation states for example, may use a ransomware attack to study our nation’s response. For that reason alone, there are lessons to be learned here.

A large city like Atlanta should have been better prepared. That the city was not adequately prepared says volumes about the configuration and management of municipal cyber systems. This is important, because an attack like this one could be just the first salvo, with larger attacks coming. If the people who manage a city as large as Atlanta could make bad decisions about designing and maintaining a secure cyber system, what hope is there for a food company?

Cyber system vulnerabilities can be exploited from the outside, or internally because an employee makes a bad decision such as opening a malware link in an email. Actual malevolence by someone inside your company might also be the cause. Cyber systems have to be robust enough to ward off relatively sophisticated cyber adversaries. In a sense, you are urging adversaries to “move on,” to target someone else. Your defenses should be strong enough that an adversary will decide your defenses are not worth the trouble to breach.

An Evolving Threat: Ransomware
The food and agriculture sector is considered “critical infrastructure” or “CI,” meaning our society cannot function without it. This sector is dependent on other critical infrastructure sectors, such as the power grid, water, and transportation. Ransomware poses a serious threat to all of these inter-linking systems.

In November 2016, for example, ransomware halted the city of San Francisco’s light rail system. Luckily, the city’s municipal transportation agency was able to restore the system from a stored back-up, thus avoiding paying the ransom and losing too much money to downtime. The malware campaign could have been very costly as well as leaving many San Franciscans without reliable, necessary transportation and sending shudders through other CI sectors.

If the same thing happened to a power grid or other vital infrastructure, the attack could be immensely disruptive. Since CIs are attached to other CIs (cyber to water; water to food; food to banking, etc.), the initial attack could serve as the entry point, creating a cascading effect that could impede or damage access to services necessary for our welfare, and in a worst case scenario, our survival. 

The aggregate damages could be unimaginable. Unchecked, such an attack could bring our nation to its knees. In time of actual war, we can expect our adversaries to give no quarter. American corporations and industry will be prime targets.

A Nation-State Adversary: Russia
Russia is, in many ways, incapable of confronting the U.S. in a sustained shooting war, but in terms of offensive cyber capabilities, Russia is what the military calls a “near peer.” That means Russia’s capabilities are very close to those of the U.S., and CIs are conceivably targets.

A joint technical alert issued by the Department of Homeland Security and the Federal Bureau of Investigation recently warned critical infrastructure sectors about Russian government cyber activity targeting U.S. CIs with a “multi-stage intrusion campaign.” The Russians have specifically targeted third-party suppliers or organizations that are trusted by CI companies. These compromised entities are then used to launch cyberattacks against the primary CI targets, employing tactics such as spear-phishing emails. Intended victims assume that emails and files from trusted third-party suppliers and organizations are safe, so they don’t hesitate to open attached files and click on links.

After successful attacks, the Russians continue to exploit leveraged users’ credentials and some critical internal files, enabling remote access. Because of these tactics, Russia is considered a “persistent threat.” If Russia targets your corporation, you probably won’t know. Where nation states are involved, attribution can be exceedingly difficult.   

Prevention Measures
Given the sophistication of persistent adversaries like Russia, how can a food corporation prevent system compromise? First, corporations should start with the basics. Administrators should keep all systems and applications updated, minimizing known vulnerabilities; this is particularly important in the case of the SamSam strand and similar ransomware strands.

Additionally, administrators may want to consider implementing a premium anti-ransomware protection tool. Many of these tools monitor for suspicious behavior, prevent file modification, and provide a way to recover lost files. Security Information and Event Management (SIEM) technology is a supplement to these kinds of software; administrators may consider utilizing a SIEM to watch for suspicious changes to files on the system, such as multiple file name changes or increased file sizes within the same directory. Such changes may indicate the addition of a file header and/or footer by the ransomware, with the addition containing information necessary for file decryption.

Regular back-up of important data also can alleviate the headaches caused by a successful ransomware attack; administrators may be able to wipe a compromised system clean and restore it with archived data, sustaining relatively little damage from the malware. Critical infrastructure providers also should ensure third-party suppliers evaluate and update their own systems.

Finally, educate employees about security, because employees are integral to preventing an attack. Many strands of ransomware find their way into a victim’s system through a malicious email attachment or downloaded executable file. Employees should be taught not to open suspicious emails, not to plug unknown or suspicious hardware accessories into their computers, and not to use corporate systems for personal use. They should also be knowledgeable about using restricted passwords and should use multi-factor authentication to access important accounts.

If a system does succumb to a ransomware attack and does not have a data archive from which to restore the system, administrators usually have three options: Pay the ransom to unlock their data, which may or may not happen; restore data using their back-up; or hire a specialized security team to attempt to recover the data and vaccinate the machine. Having a predetermined specific incident response plan will also help.

Cyber security is a matter of system planning and management and urging all employees to adhere to the basics, but being ready when they don’t. Securing CIs is important, particularly where one touches another. And food corporations have to learn to better protect themselves, because the National Security Agency (NSA) will not and cannot be used to protect food and agriculture, at least directly.

NSA and the U.S. Cyber Command are responsible for gathering Intelligence, but corporations do not have access to this intelligence and therefore must gather their own Intelligence to better protect their assets. That means that corporations, in many ways, are on their own. Cyber security is no longer just a cost of doing business; in the future, cyber security may be key to corporate survival because nation state adversaries can be expected to target food and agriculture in the event of war.

Robert A. Norton, Ph.D., is a professor at Auburn University and chair of the Food Defense Working Group in the Auburn University Food System Institute. A long-time consultant to federal and state law enforcement agencies, the Department of Defense, and industry, he specializes in intelligence analysis, weapons of mass destruction defense and national security. For more information on the topic or for more detailed discussions about specific-security related needs, he can be reached at nortora@auburn.edu or by phone at 334.844.7562. Jason Lancaster is with SpyCloud, which helps businesses prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. This is accomplished through an early warning breach detection service powered by a team of intelligence analysts. Check your organization’s exposure at spycloud.com.


Author(s): Robert A. Norton, Ph.D. and Jason Lancaster

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
to unlock your recommendations.

Already have an account? Sign In

  • people holding baby chicks

    Serovar Differences Matter: Utility of Deep Serotyping in Broiler Production and Processing

    This article discusses the significance of Salmonella in...
    Methods
    By: Nikki Shariat Ph.D.
  • woman washing hands

    Building a Culture of Hygiene in the Food Processing Plant

    Everyone entering a food processing facility needs to...
    Management
    By: Richard F. Stier, M.S.
  • graphical representation of earth over dirt

    Climate Change and Emerging Risks to Food Safety: Building Climate Resilience

    This article examines the multifaceted threats to food...
    Management
    By: Maria Cristina Tirado Ph.D., D.V.M. and Shamini Albert Raj M.A.
Manage My Account
  • eMagazine Subscription
  • Subscribe to eNewsletter
  • Manage My Preferences
  • Website Registration
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Food Safety Magazine audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Food Safety Magazine or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Two men standing in a produce storage facility having a discussion.
    Sponsored byOrkin Commercial

    Staying Compliant With FSMA

  • Deli Salads
    Sponsored byCorbion

    How Food Safety is Becoming the Ultimate Differentiator in Refrigerated and Prepared Foods

Popular Stories

Corporate manager talking with factory employees

Turning Resistance into Opportunity: Motivating Change in the Food Industry

Image of executive signing legislation into law

Texas Governor Abbott Signs MAHA-Similar Bill into Law

Microphone in a conference room used for receiving public comment

FDA Seeks Input on New Method for Ranking Chemicals in Food for Post-Market Assessments

Events

June 26, 2025

How to Design and Conduct Challenge Studies for Safer Products and Longer Shelf Life

Live: June 26, 2025 at 2:00 pm EDT: During this webinar, attendees will learn how to conduct challenge studies for microbial spoilage and pathogen growth, including the common challenges encountered, laboratory selection, and use of predictive models.

July 15, 2025

Hygienic Design Risk Management: Industry Challenges and EHEDG Guidance

Live: July 15, 2025 at 11:00 am EDT: From this webinar, attendees will learn the importance of hygienic design to ensure food safety and sanitation effectiveness.

July 22, 2025

Beyond the Binder: Digital Management of Food Safety

Live: July 22, 2025 at 3:00 pm EDT: During this webinar, attendees will learn best practices for the use of digital food safety management systems across industry and regulatory agencies.

View All

Products

Global Food Safety Microbial Interventions and Molecular Advancements

Global Food Safety Microbial Interventions and Molecular Advancements

See More Products
Environmental Monitoring Excellence eBook

Related Articles

  • Food security

    Cyber as a Vital Element in Comprehensive Food Safety and Defense Programs

    See More
  • cybersecurity

    Persistent Cyber Threats Focus Food Defense Efforts

    See More
  • Food Safety Summit Press Releases

    THE 13TH ANNUAL TOWN HALL AT THE FOOD SAFETY SUMMIT WILL OFFER A CANDID CONVERSATION ON THE FUTURE OF FOOD SAFETY

    See More

Related Products

See More Products
  • 1118474600.jpg

    Practical Food Safety: Contemporary Issues and Future Directions

  • 0813808774.jpg

    Improving Import Food Safety

  • Food-Forensics-3D.jpg

    Food Forensics Handbook Practice, Instrumentation, Case Studies

See More Products

Related Directories

  • Eaglestone Inc.

    Eaglestone Equipment is a custom design and manufacturing company specializing in producing equipment necessary for safe food processing and packaging. We have been serving the food and packaging industries for over 20 years and know the many difficulties and problems facing the sanitary delivery of high production manufacturing.
  • Smart Food Safe

    Smart Food Safe is a leading and innovative software company specializing in providing state-of-the-art technology solutions for businesses to excel in Quality, Food Safety, Regulatory, and Traceability management. With a strong focus on empowering organizations, Smart Food Safe Software offers a comprehensive suite of customizable modules designed to streamline processes, ensure regulatory compliance, enhance product quality, and enable real-time visibility into operations.
  • Michigan State University Online Food Safety Program

    MSU's Online Food Safety program strives to educate professionals on how to make global food systems safe. The program consists of a master’s degree and graduate certificate, both entirely online. Each program will provide students with applicable knowledge to navigate the ever-changing concerns surrounding food safety, food protection, and public health.
×

Never miss the latest news and trends driving the food safety industry

eNewsletter | Website | eMagazine

JOIN TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Directories
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • Instagram
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing