MAIDTONE, KENT, UK. — Ransomware attackers have been targeting the food, beverage and agriculture industries in recent years. From 2018 to May 2023, about 157 businesses were known to have been hit by the attacks, according to a Comparitech study, and 696,832 individual records were breached.
Maple Leaf Foods Inc., Toronto, and JBS USA, Greeley, Colo., have been attacked during the past few years. The most pressing problem these companies face is downtime, which caused around $1.36 billion in downtime losses.
Indeed, following a cyberattack that occurred at Maple Leaf Foods in November 2022, the company had to find “manual workarounds” to keep operations going.
“A ransomware attack can cause around a week (of) downtime, therefore a weeks’ worth of revenue loss is huge,” said Rebecca Moody, head of research at Comparitech, a company focused on helping businesses improve cybersecurity.
The food and beverage industry has seen an uptick, in particular food processing, in attacks over the past year because of the disruption it causes to the manufacturing processes.
“I think what it boils down to with the food and beverage industry (is) it’s not so much about the data, but with the industry is you’ve got customers to serve, manufacturing processes, (and) you need to fulfill orders,” Moody said. “Once they (attackers) encrypt the systems, you go down immediately and your business stops, money stops coming in. So, the quickest way to get yourself out of it is to pay the ransom. I think that’s the primary focus within this industry is to cause massive disruption.”
Downtime from attacks may be between a couple of hours of disruption or seven months of systems not being at full capacity, according to the study. The study also stated the average downtime from attacks increased dramatically in 2021 with over 11.5 days lost on average.
Attacks may come in various forms, like system encryption and “leakware,” but phishing emails are the most common.
“Employees will get an email that has a link in it and (if opened) releases the ransomware into the system,” Moody said.
She added there are a few things employees can look for in a phishing email, which may help prevent an attack.
“Poor spelling, it’s not a personalized email, you don’t recognize who it’s from, and if it includes a link,” she said. “When in doubt, always send it to the IT department.”
A USB device also may cause damage to a company’s system.
“A USB is a new device to your computer, and you should be careful that it doesn’t transfer things onto your device, especially now that people are working from home,” Moody said. “It’s basically check, check, and check again to be overly cautious.”
To combat ransomware attacks, companies can provide training for employees.
“Start with the basics,” Moody said. “Making sure everyone knows what it is and how it works, what the risks are and how employees will get targeted.”
Keeping systems up to date is another way to prevent attacks.
“Making sure you have the nicest fire walls, the latest software, and keeping the IT department up to speed on trends,” Moody said.
Companies that have been hit may often not disclose they have been a target of ransomware attacks, but Moody believes there needs to be more conversation around the topic.
“I think people don’t want to say it happened because they might get targeted again, but awareness is key to helping other people and if we talk about it, it might help other companies,” she said.