Food Safety
search
cart
facebook twitter linkedin
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Food Safety
  • NEWS
    • Latest News
    • White Papers
  • PRODUCTS
  • TOPICS
    • Contamination Control
    • Food Types
    • Management
    • Process Control
    • Regulatory
    • Sanitation
    • Supply Chain
    • Testing and Analysis
  • PODCAST
  • EXCLUSIVES
    • Food Safety Five Newsreel
    • eBooks
    • FSM Distinguished Service Award
    • Interactive Product Spotlights
    • Videos
  • BUYER'S GUIDE
  • MORE
    • ENEWSLETTER >
      • Archive Issues
      • Subscribe to eNews
    • Store
    • Sponsor Insights
  • WEBINARS
  • FOOD SAFETY SUMMIT
  • EMAG
    • eMagazine
    • Archive Issues
    • Editorial Advisory Board
    • Contact
    • Advertise
  • SIGN UP!
ManagementFood Defense

Food and Agriculture Are Critical Infrastructures but also Domains of Future War

February 4, 2020

The death of Qasem Soleimani at the hands of the American military is considered a game changer by many because Iran’s chief architect of terrorism was successfully targeted, putting the Iranian government on notice that similar results can be repeated if malign activities continue. Iranian decision-makers remain bent on revenge, and the cyber realm provides a likely attack vector, given the potential for plausible deniability. The likely cyber targets? U.S. critical infrastructures, including the U.S. food supply and its backbone, agriculture.    

We often assume our food supply is a constant, incapable of failure. This is mistaken. Our food supply and supporting logistical systems are in fact a system of systems, which is both a blessing and a curse. The blessings are efficiency and economy, which ensure that the U.S. has the most diverse and economical food supply of any nation in the world. The curse is that single-point failures can cause cascading effects, disrupting the entire system.

For decades, Iran has developed sophisticated terrorist capabilities, and immediately after Soleimani’s death the press expressed worry about “sleeper cells,” or terrorists in hiding. Iran’s mobilization of such cells would elevate the potential for violence, but law enforcement is constantly on the lookout for them. Another concern is “lone wolves,” or individuals who commit violent acts on their own, without specific directions from any nation or group. Again, law enforcement is on the hunt.

Could attacks from either occur in the U.S.? Of course they could, but adversaries aren’t restricted to using improvised explosives or guns. Terrorism can take other forms, such as attacking the food supply. Cyber may in fact become the weapon of choice for sleeper cells and lone actors seeking to cause panic and sow distrust of a government unable to protect us.

The Information Technology-Information Sharing and Analysis Center (IT-ISAC) was formed by companies in the information technology sector as a forum for managing risks to their corporate IT infrastructure. As expected, the IT-ISAC observed multiple reports of attacks originating from Iran across various industries in the days following the killing of Soleimani.

The governor of Texas reported that Texas state agencies alone were seeing 10,000 attempted attacks per minute. In addition, there were public reports of password-spraying attacks on the U.S. grid emanating from Iran. “Password-spraying” is the attempt to guess passwords for hundreds or even thousands of different accounts, in this case targeting U.S. electric utilities as well as oil and gas firms.

The likelihood of Iran continuing malign activities in the cyber realm is very high because deterrence in cyberspace is very difficult, since it is hard to impose costs on cyber-architects and actors. For example, while the U.S. has indicted many people for nation-state cyberattacks, these actors are unlikely to be arrested and face trial. The U.S. is beginning a campaign as part of a larger strategy of warring by attrition, as evidenced by escalating economic sanctions. In the meantime, we as a nation should expect possible acceleration of increasingly sophisticated cyberattacks by Iran. All critical infrastructures, including food and agriculture, will be targeted.

What is the appropriate corporate response to these continuing threats? First, remain calm and carry on in the development of robust cyber defenses.” Your greatest defense is corporate resiliency, meaning you become capable of absorbing a cyberborne strike with a minimum of business disruption.

Cyber Impact
Concerns about Iran launching cyberattacks against critical infrastructure are well-founded. Iran has developed offensive cyber capabilities, and Iranian actors have attacked critical infrastructure in the past. Most famously, from 2011-2013 Iranian actors launched wide-scale and impactful Distributed Denial of Service attacks against U.S. financial services institutions. In March 2016, seven Iranians were indicted by the U.S. Justice Department for launching these attacks on behalf of the Iranian government. In addition, we know that other nation states have deployed offensive cyber tools during heightened times of geopolitical tension:

• Russia was blamed for a series of cyberattacks in 2007 against Estonia.

• In December 2016, Russia is alleged to have hacked the power grid in the Ukraine to knock off power to millions of people. Russia is reported to also be probing the U.S. power grid.

• In 2012, the Shamoon Virus fried 35,000 machines belonging to Saudi Aramco in a cyberattack attributed to Iran.

• A programmer working on behalf of North Korea is alleged to have been responsible both for the 2014 attack on Sony Corporation as well as launching the 2017 WannaCry ransomware.

This is not a complete list. Of course, the U.S. government has also launched cyber offensives against adversaries. The Stuxnet virus, which allegedly targeted the Natanz nuclear facility in Iran with the goal of disrupting its development of nuclear weapons, is thought to have been developed by the U.S. and/or Israel. More recently, the U.S. also is reported to have launched cyberattacks against Iranian missile systems. Multiple nation states have been known to launch attacks against critical infrastructure. In addition to nation state actors, hackers often act independently, launching revenge attacks motivated by a sense of patriotism or injustice.

The threat from Iranian cyberattacks is real. The Iranians have demonstrated past intent and capability. It is so real, in fact, that on January 4, 2020, the Department of Homeland Security warned of Iran’s “robust cyber program” in a terrorism alert. This threat was followed by another alert on January 6 that warned specifically of the potential of Iran to launch cyberattacks in response to the killing of Soleimani. This threat is heightened for critical infrastructure companies, including those in the food and agriculture industries.

What can companies do in this heightened threat environment? Begin by taking basic cybersecurity precautions. Doing the small things the right way can pay big dividends. Some simple, inexpensive but effective ways companies can begin to secure themselves:

• Make sure your machines are updated: Whenever possible, use the “automatic update” feature to ensure hardware and software are running the latest versions. Patches plug vulnerabilities. Bad guys get into your network by exploiting vulnerabilities. By reducing your vulnerabilities, you increase your security.

• Deploy anti-virus and anti-malware tools: These tools are not foolproof but provide an essential layer of defense to protect against known malware and viruses.

• Back up your data: If you were to experience a breach or become a victim of ransomware, you can quickly regain access (and keep your business running) if you have access to your data. Offsite data storage generally is recommended, and several tools are available for automatic, online backup of files and systems.

• Implement two-factor authentication: Two-factor authentication forces a user to prove their identity twice—typically with a username/password combination and a secondary authentication. Often this is a text message to the user’s mobile phone, although there are two-factor authentication methods that provide even greater security.

• Understand the risks to your business: Cyberattacks can be disruptive or they can be debilitating. Debilitating attacks threaten core business operations and threaten your company’s ability to stay in business. Identify and understand core business functions so you can protect them by creating redundant capabilities.

• Collaborate with peers: Your network is one very small part of the global Internet infrastructure. Engage with peers to learn what they are seeing and understand what security practices they have implemented. Also share with companies that have worked for you. Information ISACs offer companies the opportunity to engage with peers in a trusted environment under the protection of non-disclosure agreements. The IT-ISAC has a Special Interest Group dedicated to sharing among the food and agriculture industry. Identify the right forum for you and engage!

• Access open source tools and data: There are excellent tools available on the Internet that can assist you in improving your security. You can sign up from alerts from the Department of Homeland Security, you can leverage the National Institute of Standardds and Technology’s Cybersecurity Framework to build your cybersecurity program.

Robert A. Norton, Ph.D., is chair of the Auburn University Food System Institute’s Food and Water Defense Working Group. He is a long-time consultant to the U.S. military, federal, and state law enforcement agencies. His blog, Bob Norton’s Food Defense Blog, can be found at aufsi.auburn.edu/fooddefense/blog/. He can be reached at nortora@auburn.edu or 334.844.7562.

Scott Algeier is the executive director of the IT-ISAC.


Author(s): Robert A. Norton, Ph.D., and Scott Algeier

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
to unlock your recommendations.

Already have an account? Sign In

  • people holding baby chicks

    Serovar Differences Matter: Utility of Deep Serotyping in Broiler Production and Processing

    This article discusses the significance of Salmonella in...
    Microbiological
    By: Nikki Shariat Ph.D.
  • woman washing hands

    Building a Culture of Hygiene in the Food Processing Plant

    Everyone entering a food processing facility needs to...
    Sanitation
    By: Richard F. Stier, M.S.
  • graphical representation of earth over dirt

    Climate Change and Emerging Risks to Food Safety: Building Climate Resilience

    This article examines the multifaceted threats to food...
    Best Practices
    By: Maria Cristina Tirado Ph.D., D.V.M. and Shamini Albert Raj M.A.
Manage My Account
  • eMagazine Subscription
  • Subscribe to eNewsletter
  • Manage My Preferences
  • Website Registration
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Food Safety Magazine audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Food Safety Magazine or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • mold
    Sponsored byIFC

    Tackling Mold Remediation in Food Processing Plants

  • a worker in a food processing plant
    Sponsored byLPS® DETEX®

    How a Beverage Facility Improved Food Safety and Compliance with Detectable Packaging Solutions

  • Two men standing in a produce storage facility having a discussion.
    Sponsored byOrkin Commercial

    Staying Compliant With FSMA

Popular Stories

sunflower oil

Louisiana Passes ‘MAHA’ Bill Targeting More Than 40 Ingredients, Including Seed Oils, Dyes, Sweeteners

smoked salmon in oil

Study Shows Food Type Significantly Affects Listeria’s Ability to Survive Digestion, Cause Sickness

Justin Ransom and Denise Eblen

USDA-FSIS Announces Dr. Justin Ransom as New Administrator

Events

July 15, 2025

Hygienic Design Risk Management: Industry Challenges and Global Insights

Live: July 15, 2025 at 11:00 am EDT: From this webinar, attendees will learn the importance of hygienic design to ensure food safety and sanitation effectiveness.

July 22, 2025

Beyond the Binder: Digital Management of Food Safety

Live: July 22, 2025 at 3:00 pm EDT: During this webinar, attendees will learn best practices for the use of digital food safety management systems across industry and regulatory agencies.

August 7, 2025

Achieve Active Managerial Control of Major Risk Factors Using a Food Safety Management System

Live: August 7, 2025 at 2:00 pm EDT: From this webinar, attendees will learn about changes to the FDA Food Code, which now includes a requirement for FSMS. 

View All

Products

Global Food Safety Microbial Interventions and Molecular Advancements

Global Food Safety Microbial Interventions and Molecular Advancements

See More Products
Environmental Monitoring Excellence eBook

Related Articles

  • Food and Agriculture Are Domains of War: Part 1

    See More
  • Food and Agriculture Are Domains of War: Part 5

    See More
  • Food and Agriculture Are Domains of War: Part 4

    See More

Related Products

See More Products
  • 1118474600.jpg

    Practical Food Safety: Contemporary Issues and Future Directions

  • 9781498721776.jpg

    Handbook of Food Processing: Food Safety, Quality, and Manufacturing Processes

  • 1444333348.jpg

    Handbook of Food Safety Engineering

See More Products

Events

View AllSubmit An Event
  • May 15, 2025

    Town Hall: A Candid Dialogue on the Future of Food Safety

    On Demand: The 13th Annual Town Hall at the Food Safety Summit brings together top food safety leaders for an open and dynamic conversation about the most pressing challenges and opportunities in food safety today. 
View AllSubmit An Event

Related Directories

  • Neogen

    Neogen provides a comprehensive range of solutions and services for the food processing, animal protein and agriculture industries, not only helping to protect the world’s food supply, but also enabling our customers to produce more efficiently and effectively than they could before.
  • KPM Analytics

    KPM Analytics enables companies to effectively manage product quality and brand value. We are a global leader in scientific instrumentation, focused primarily on analyzing critical quality parameters in the food, agricultural, industrial, and environmental industries. We provide a comprehensive range of products and services to uniquely solve our customers’ problems.
  • Saldesia "Goddess of Food Safety"

    Saldesia is a distributor of Food Safety products and solutions. We are focused on supplying the Quality, Production, Safety and Sanitation departments. Product lines include Color Coded, Metal Detectable, Antimicrobial Flooring & Mats, Workwear, Footwear, Spray Nozzles, and more!
×

Never miss the latest news and trends driving the food safety industry

eNewsletter | Website | eMagazine

JOIN TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Directories
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • Instagram
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing