A growing number of food and beverage businesses have been implicated in cybercrime incidents. The attack on KP Snacks was the most notable in recent memory – the company was compromised by ransomware in January this year, disrupting its manufacturing and shipping processes.
In fact, one in five employees in the manufacturing industry admit to being involved in a security breach or the loss of sensitive company data, according to research by Impero Software. The weakness identified in many cases stemmed from a lack of training of staff members and how they access sensitive company data.
Impero found that three in ten staff wanted better cybersecurity training, while 28% said they lacked the confidence to recognize and report cybersecurity threats at work.
Despite this lack of confidence, just over half said they access company data on personal devices an average of three times a week and, among this group, nearly a quarter said that their organization does not have a strict security policy for personal devices.
No longer analog driven
“While many believe that manufacturing is more analog driven, that’s just not the case anymore,” said Impero CEO Justin Reilly. “The modern manufacturing environment relies on a complex and often diverse network of connected devices, ranging from cloud-based data storage systems to automated assembly solutions and, increasingly, AI and robotics.
“While important to the evolution of the industry, this proliferation of devices has made it particularly vulnerable to malicious attacks. Without proper training to help staff detect and respond to cyber threats, or without having clear device security policies and tools in place, many manufacturers will be exposed to significant risk.”
The availability of cybersecurity infrastructure also shows room for improvement. Only about half of respondents said they had access to secure remote access software or virtual private networks. And nearly six in ten did not require multi-factor authentication when logging into systems.
Faced with these vulnerabilities, how can manufacturers secure their systems against cyberattacks? With the gap between information technology (IT) and operational technology (OT) closing day by day, manufacturers cannot afford to fall behind.
One way to help prevent cyberattacks from happening in the first place is to have a set of standards that provide the tools and guidelines needed to secure a facility against cyberattacks.
David Bean, solutions manager at Mitsubishi Electric, says manufacturers should recognize IEC 62443 – an international series of standards that address cybersecurity for operational technology in automation and control systems.
“It defines the different security roles of key stakeholders, specifying the unique requirements for each level of security within the control ecosystem,” he explained.
“The IEC 62443 standard reinforces the accepted strategy of ‘defense in depth’ by defining methodologies for the implementation of OT cybersecurity measures and by describing the procedures as well as the policies which can form the methods for, on the one hand, preventing an attack and, on the other hand, recovering from an attack.
“It should be noted that IEC 62443 places considerable responsibility on the supplier of automation equipment to incorporate protection features into their products to aid in system design considerations and lifecycle management, as well as to respond to any vulnerabilities that may be discovered.”
The International Electrotechnical Commission (IEC) 62443 is an international series of standards that address cybersecurity for operational technology in automation and control systems.
The standard is divided into different sections and describes both the technical and process-related aspects of the cybersecurity of automation and control systems.
It breaks down cybersecurity topics by actor role: operators, service providers (for integration and maintenance) and component/system manufacturers.
The different roles each follow a risk-based approach to prevent and manage security risks in their activities.
To this end, Mitsubishi has set up a Product Security Incident Response Team and offers a Risk Audit Service that helps asset owners understand the risks and consequences of a potential cyber breach. The service provides a written report on the status of networked industrial control systems and offers recommendations for any corrections needed to meet the standards defined in IEC 62443.
An insurance policy
“In essence, an OT cybersecurity solution is an insurance policy and, as with so many things in life, the more comprehensive the policy, the higher the level of protection,” Bean concluded.
“Implementing a robust solution is part of a successful digital transformation strategy and ensures businesses can increase productivity and improve competitiveness.”
The road to a secure system is not easy, however. The severity of cybersecurity attacks has steadily increased and manufacturers are struggling to keep up. Worse still is the lack of trained personnel capable of employing countermeasures to cybersecurity attacks on operational technology.
This is an observation made by the director of industrial security services at Siemens, Stefan Woronka. “OT security experts are even harder to find than IT experts,” he explained. The slight differences between domains also prevent IT experts from simply switching to OT – OT security requires OT experts who are familiar with automation technologies.
While companies like Siemens have the luxury of having OT and IT experts on the job, many food factories don’t. To make matters worse, even vendors like Siemens won’t have the answer to every OT security problem. Its experts will not be able to rectify a problem with another supplier’s kit, for example.
This again forces the development of a standardized cybersecurity system between hardware and software vendors. Although developments in OT security are lagging behind their IT counterparts, the educational element is there and more and more attention is being drawn to the importance of protecting factories from digital threats.
Removal of niche label
Woronka added: “We must finally remove the ‘niche’ label from OT cybersecurity by more clearly communicating the risks as well as the wide range of possibilities for better protection.”
As the digital age advances with almost daunting speed, food and beverage manufacturers need to be wary of the new challenges that digitizing their businesses will bring.
It is essential to understand how these changes will affect your business. It’s not just about setting up new systems in the future plant. It will also always be necessary to take into account the human factor – and the potential errors that come with it.
However, it seems that all the pieces are in place for food businesses to succeed the first time, no matter how far along the digitalization journey. The question is how to put them in the right place.
KP Snacks ransomware attack
The Conti malware gang claimed to have access to KP Snacks’ systems for some time and had infiltrated confidential data.
Nick Turner, vice president and general manager for Europe, Middle East and Africa at Druva, said: “Modern data protection systems provide increased resilience against this type of attack by ensuring that even system administrators are highly restricted when it comes to deleting backups – such permissions can help prevent attackers from encrypting or deleting backup files and protect against insider threats.
“These systems also have the ability to use artificial intelligence to automatically analyze the tens of thousands of files that need to be recovered and identify each one’s last known clean copy – massively accelerating service restoration and allowing the organization to get back in place and run faster.”