Post-Ransomware Attack: Is it Time to Return to True Systems Segmentation?

In the end, food companies must balance the process efficiencies and controls that data transmission and functionality over the internet provide with the risk of cyberattacks that cripple production.

August 8, 2021
Brent Johnson
Holland & Hart LLP
James Thew Adobe Stock 263959295
James Thew AdobeStock_263959295

A sizeable chunk of meat production in the United States ground to a halt on June 1 when a band of hackers (or maybe just somebody in pajamas) located in Russia (or maybe Eastern Europe) launched a cyberattack against JBS USA’s servers in North America and Australia. The company announced that no customer data was compromised, but customer data wasn’t the point of the hack. The JBS cyber intrusion was a ransomware attack. The hackers wormed their way into the company’s administrative and process control systems, encrypted them and demanded a king’s ransom to give them back. Within days, JBS transferred $11 million in cryptocurrency to the virtual kidnappers to re-gain control of its systems.

Most companies have IT departments. It has become a yearly ritual to receive training on how to pepper spray cyberhackers who seemingly lurk around every corner. It is a wonder that CIOs can sleep at night knowing they are one employee click away from catastrophe. 

While there are anti-phishing and malware defense tools available, there are no guarantees they work in all cases. Hackers don’t have day jobs. They have nothing to do but invent new attack methods.

Companies rely on a variety of defenses to protect against ransomware attacks. These practices were recently distilled by the Biden Administration in its June 2 letter to businesses. The White House’s recommendations include: (1) multi-factor authentication; (2) data encryption; (3) endpoint detection and response tools; (4) offline backup of data and systems; and (5) updating and patching systems.

It should be observed that the White House strategies focus on systems that can be hacked because they are online. At the end of the administration’s letter, however, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, suggests process system segmentation. “It’s critically important that your corporate business functions and manufacturing/production operations are separated and that you carefully filter and limit internet access to operational networks...,” she adds.

It wasn’t long ago that the industry standard for manufacturing was segmentation. Process control networks were closed systems largely inaccessible from the internet. Think voting machines. Americans have been assured that hackers cannot alter elections because ballots are not recorded online (although certain voting machine manufacturers have acknowledged they place modems in some of their scanners to more quickly retrieve and relay data).    

Over time, however, companies decided the business risk of not being able to access their process control networks to make adjustments to production and obtain analytics was greater than the security risk of moving their systems online. While giving manufacturers more precise control over their processes, this paradigm shift has made them vulnerable to cyberattacks.

Unfortunately, the food industry is particularly susceptible to ransomware. Unlike automotive manufacturers, which deal with relatively predictable components like steel, aluminum, fiberglass and electronics, the food industry’s stock in trade are plants and animals. Organic matter is not homogenous. Product consistency demands constant monitoring. And, if the process controls are even slightly off, food and beverages end up with uninvited guests such as salmonella, e-coli, listeria, etc.

Food production also involves a wide range of discrete tasks such as cooking, boiling, centrifuging, mixing, filtering, extracting, fermenting, distilling, crushing, drying, sterilizing and pasteurizing, to name a few. All of these processes must be continuously monitored and real-time adjustments made to ensure safe and consistent products. The processes are specially designed to meet the requirements of the particular food. Sensors are placed throughout the production line to collect data, which is analyzed and reported by custom software applications. This data is not just of interest to food companies; its collection and maintenance are critical to federal regulators, such as FDA in evaluating compliance with cGMPs during 483 inspections.

The question is how much control the production team is willing to cede to allow the IT group to sleep better at night. Here are some of the options: 

1.           Air gapping the production network. Air gapping is physically isolating a network from any form of internet or LAN access. No one from the outside can hack into the network unless they are able to install malware using a portable media (a thumb drive, for example). Such malware is known as “sneakerware,” which is downloaded on foot. Air gapping creates its own challenges, such as system updates that must be done manually. 

2.           Segmentation using a data diode. Data diodes are one of the original network controls. They are “one way” hardware devices that allow data to be sent from the process control networks to the administrative networks only. The process control networks cannot be accessed from the administrative networks. Data diodes are not completely secure, however, because there is always a possibility that hackers will find and exploit vulnerabilities in the devices. That said, data diodes create significant barriers to hacking. In established systems, the major functional problem is that the process control networks expect responses that are no longer being provided, which can cause the process control networks to malfunction.

3.           Segmentation using a next-generation firewall. This strategy allows the policies between the process control networks and the administrative networks to be enforced and the traffic monitored. Care must be taken to limit the ports and protocols allowed to and from the process control network. Having a firewall provides little benefit if the same ports and protocols allowed on the administrative network are allowed on the process control network. Another approach to limit exposure on the process control network is to allow traffic only to specific devices. For example, if there are 200 devices on the process control network and only two need to communicate with the admin network, the firewall can limit communications to those two devices using their Internet Protocol (IP) addresses. Of course, if firewalls were the answer to hacking, almost no one would be hacked. Most companies install firewalls, but immediately start poking holes in them during the configuration process.   

4.           Network segmentation using virtual local area networks (VLANs). This is segmenting a physical network virtually. Some food companies attempt to use VLANs as security mechanisms, and they provide some benefits. However, the benefits are limited due to the vulnerabilities with the technology and the ease that users can transverse from one VLAN segment to another. VLANs are best used to add structure to network management.

In the end, food companies must balance the process efficiencies and controls that data transmission and functionality over the internet provide with the risk of cyberattacks that cripple production. This is not an easy task by any stretch. But, food makers must be clear eyed. Their production processes are extremely sensitive, and more importantly, are participants in an industry of critical importance, making them prime targets of hackers.       

Related
Artem Adobe Stock 423257572
JBS Falls Victim to Ransomware Attack
June 2, 2021
Adobe Stock 342264396
How Supply Chain Visibility Helps Manage Risk
May 14, 2021
Technology tools and solutions will help companies shift focus from one-off checks to continuous monitoring and improved visibility of the whole supply chain.
Providing Safe Food in an Unsafe World
April 7, 2021
Recommended
Baltimore Bridge Christine Adobe Stock 769092028
How Baltimore Bridge Collapse Continues to Impact Shipments
Baltimore is running out of freight to pick up due to the lack of inbound shipments, so the containers at port have been sitting for a while.
April 17, 2024
Women In Supply Chain Vertical Color
Nominations Close June 7 for 2024 Women in Supply Chain Award
This award recognizes female supply chain leaders and executives whose accomplishments set a foundation for women in all levels of a company’s supply chain network. Submissions close June 7!
April 1, 2024
Adobe Stock 207220202
SCN Summit: State of the Supply Chain
June 4, 2024
Register
Register now to hear from experts about the State of Today’s Supply Chains through topics revolve around Warehouse Automation, Generative AI, Automation, Electrification, Company Culture and more.
Latest
Panuwat Adobe Stock 483325594
Improving Traceability with a Warehouse Management System
Technologies like warehouse management systems (WMS) are offering a better way for retailers to gain real-time visibility into inventory levels, locations, and movements.
April 9, 2024
Stock End To End Visibility
ERP’s Direct Impact on Quality and Efficiency in Food Manufacturing
With the addition of an ERP solution, manufacturers can benefit from a centralized business management system, acting as a single source of truth.
April 2, 2024
Chesky Adobe Stock 541103075
Dock-to-Dock Track-and-Trace Platform for Food and Beverage Brands
Sojo Industries released Sojo Shield, a first-of-its-kind dock-to-dock software platform that provides immediate and accurate reporting on critical tracking events such as shipping, receiving and transport.
March 19, 2024
Kamonrat Stock adobe com
3 Key Areas to Prioritize for Improved Management of Cold Chain Logistics
Given the size and growth of this complex logistics segment, logistics leaders must improve the control and performance of cold chain management.
March 19, 2024
Produce Pay Visibility
Visibility Solution to Improve Transparency and Reduce Waste in Fresh Produce Supply Chain
ProducePay announced a new Visibility solution to provide fresh produce marketers and retailers full transparency of produce shipments from farm to fork.
March 18, 2024
Copeland Desktop Mobile Products Mexico To Canada
Rise in Cargo Theft in Cold Food Chain
Food Logistics talks exclusively with Amy Childress, VP of monitoring, cargo for Copeland, about the reason behind cargo theft’s unprecedented increase and more.
February 21, 2024
Jack F Stock adobe com
How Item-Level Traceability Technology is Transforming Food Safety and Quality
To mitigate risk, ensure compliance, and solidify customer loyalty throughout your company, embrace item-level traceability solutions today.
March 14, 2024
Lomiso Adobe Stock 200857846
Minimizing Perishable Food Spoilage in Supply Chains
Reducing perishable food spoilage in supply chains requires a combination of proactive measures, strategic planning, and collaborative partnerships—all of which can be powered by insights from reliable data.
March 12, 2024
Don Durm 20231703 2
Rock Stars of the Supply Chain: PLM FLeet's Don Durm Details Food Safety Best Practices
Don Durm, VP, customer solutions for PLM Fleet, was named one of our Lifetime Achievement award winners from this year’s Rock Stars of the Supply Chain award.
March 11, 2024
Stock Work Photo
Why Collaboration is Key to Mitigating Supply Chain Risks Along the Cold Food Chain
Food Logistics talks exclusively with Stephen Dombroski, director, consumer markets, QAD, Inc., to detail why learning about, understanding and managing some of the lesser-known and publicized issues can contribute to a more resilient cold supply chain.
February 21, 2024
Cobalt Xs In Situation (1)
Data Logger for Agri-Food, Logistics Environments
Dickson introduced Cobalt XS, a data logger built to monitor temperature and relative humidity of temperature-sensitive products, storage facilities, equipment and more.
March 6, 2024
Diy13 Adobe Stock 531607815
How Biomimicry Technology Can Pave the Way for More Sustainable Agriculture
While there are a lot of benefits to implementing biomimicry solutions in agriculture settings, it is still in its infancy in terms of impact.
March 5, 2024
Tony Pelli
Rock Stars of the Supply Chain: BSI's Tony Pelli Talks Risk Management in Cold Chain
Tony Pelli, practice director, security and resilience for BSI, was named one of our Rising Stars from this year’s Rock Stars of the Supply Chain award.
March 4, 2024
Fullempty Adobe Stock 43358623
Making Great Strides in Removing PFAS in Frozen Food Packaging
Removing PFAS from feedstocks, products and packaging is inconvenient and can be costly, but doing so ensures a PFAS-free future.
February 26, 2024
Relex Mobile Pro
AI-Driven, In-Store Execution Application Simplifies Fresh Item Replenishment
RELEX Solutions introduced RELEX Mobile Pro, an advanced artificial intelligence (AI)-driven in-store execution application for retailers, suppliers, wholesalers, and manufacturers to consolidate their many in-store tools and processes.
February 15, 2024
Rock Stars Of The Supply Chain Resized
Rock Stars of the Supply Chain: Disrupting Supply Chain Disruptions
Supply chain rock stars are the backbone of the cold food chain. Meet the winner's of this year's Rock Stars of the Supply Chain award.
February 7, 2024
Andrey Popov Adobe Stock 362224432
Wireless Charging Plants a Sustainable Future for Smart Farming
Wireless power supplies smart farming devices with continuous energy, eliminating the need for frequent battery changes or cord management.
February 13, 2024
New Africa Adobe Stock 240147049
Butter Shortage: The Perfect Storm of Climate Change and Inflation
Extreme weather is predicted for the year ahead, and resulting shortages of food commodities will continue to impact consumers on a global scale.
February 9, 2024
Stock Robotics
How Automation Can Solve Problems in the Food Supply Chain
Automation allows farmers and food distributors to streamline their supply chains, relying on less labor to get their goods to market.
February 1, 2024
Dusan Kostic Stock adobe com
4 Issues Impacting Agribusiness in 2024
In 2024, aim to implement active risk management practices, obtain sufficient insurance and improve employee benefits and training to deal with the labor crunch.
January 23, 2024
Petunyia Adobe Stock 63677851
Alliance for Sustainable Packaging for Foods Aims to Reduce Packaging Waste
The alliance prioritizes engagement with the ongoing interinstitutional negotiations in the EU on the revision of applicable packaging and packaging waste rules, and the P2 and other packaging-related regulatory developments in Canada.
January 16, 2024
Stock Meat Grocery
What the White House Council on Supply Chain Resilience Means for the Cold Chain
Leveraging the right strategies, global standards, and technologies is critical to keeping operations agile, and remaining resilient in an era of constant disruptions and risk.
January 16, 2024
Plex Computers
Why Adapting to Evolving Regulatory Challenges is Pertinent in 2024
In an exclusive interview with Jim Bresler, director of product management, food and beverage, Plex by Rockwell Automation, talks about why companies need to adapt to ongoing predictable supply chain disruptions in order to succeed in the New Year.
January 3, 2024
I Qoncept Adobe Stock 88592838
Why Improved Traceability is Key to Combating Counterfeiting
Through the use of secure coding and marking devices, which leverage laser and spray technologies to print on almost any surface, businesses can create unique product identifiers for improved visibility along the supply chain.
December 28, 2023