Written by: Joshua Arsenio, Security Advisor at Security Compass | November 2021
In September of this year, the FBI issued a warning that organized crime groups are using malicious software, also known as ransomware, to actively target the food and agriculture industry. The warning came on the heels of several large attacks during the summer of 2021, including those against meatpacker JBS USA and regional food providers, like NEW Cooperative in Iowa.
Though ransomware is typically associated with losing data and paying a ransom to get it back, there are much broader consequences of modern ransomware attacks. The number one concern is disruption of business continuity. Ransomware locks up systems and data, stopping operations and preventing orders from being fulfilled.
Despite the troubling threat landscape, there are steps you can take to proactively reduce your ransomware risk.
Why Are Ransomware Gangs Targeting the Food Industry?
The food industry is an attractive target for ransomware gangs because a disruption of service would severely affect a large number of people, making the victim company highly motivated to pay a ransom to restore operations and unlock data.
There are two key questions to ask when thinking about the ransomware risk to your business: What will it look like if operations come to a stop? What will it look like if orders cannot be fulfilled?
Protecting Operations and Tracking Systems
The Safe Food for Canadians Regulations (SFCR), which came into effect in 2019, introduced new requirements for food traceability. According to the regulatory guidance, traceability, at a basic level, is “the tracking of food forward to the immediate customer and back to the immediate supplier.” With the new requirements, food companies will have significantly more data to track and record, including lot codes, to follow food through the growing, harvesting, distributing, manufacturing, and retail process.
Traceability systems and software that hold this critical data are the foundation of compliance with SFCR, allowing companies to store the required data and produce it upon request in the case of a recall. However, these same critical systems are vulnerable to ransomware. A successful attack will not only steal your data, but can also lock you out of your traceability systems and software, preventing you from capturing new data and also from accessing existing records.
The best way to protect traceability data, as well as other sensitive data that supports your business operations, is to put security controls in place based on your company’s unique risks and compliance concerns. By taking strong precautions against ransomware, you can protect the confidentiality, integrity, and availability of your critical data, from lot codes to business documents, contracts with vendors, personally identifiable information belonging to clients, trade secrets, and internal office email.
Maintaining Business Continuity: Keeping Systems Online
Ransomware can take your business offline for hours or days, whether or not you decide to pay the ransom. Ransomware locks up your systems, preventing you from fulfilling orders and meeting commitments with your clients and buyers. A stop in operations also puts perishable products at risk.
Recovering from a ransomware attack takes time, as you will need to thoroughly assess how the attackers gained access and remediate your systems to ensure the ransomware gang is no longer on your network. However, by implementing effective ransomware protection measures, you can reduce the risk of an attack and keep business flowing smoothly. That’s good news for business continuity and for safeguarding current and future business relationships.
Be Proactive About Ransomware
The best way to protect your business from ransomware is to proactively build a security and risk management program tailored to your company’s unique environment. Ransomware is a complicated threat, but there are ways to significantly reduce your risk.
Speaking to a security expert can help you put the pieces together and become better prepared to resist ransomware, whatever your current level of security maturity.
- If you are just beginning a cybersecurity program, an expert can help you determine your internet-facing exposure, simulate how an attack would affect your business, and give you guidance on meaningful steps to protect your business.
- If you have already begun to build a cybersecurity program, an expert can help assess your existing policies, assess the risk of business-critical systems, and provide guidance around reducing risk.
- If you already have a cybersecurity program, including both policies and active security monitoring, an expert can help you make sure that your controls are as effective as possible against the threat landscape as it exists right now.
Ransomware gangs are targeting food and agriculture companies. Their attacks are costly in terms of money, time, and reputation. But you can be prepared by making it a priority to build up your ransomware defenses.