Throwback Attack: Dairy giant forced to halt production because of ransomware

Courtesy: CFE Media
Courtesy: CFE Media

When you think cyberattack, you probably think of nuclear plants or power grids being hacked. But what about dairy farms?

The food and agriculture sector is one of many parts of the global economy and plays a crucial role in meeting the world’s growing demand for food. This sector encompasses all activities related to the production, processing, distribution and consumption of food and agricultural products.

In October 2021, dairy giant Schreiber Foods fell victim to a cyberattack on their critical systems that disrupted and affected their ability to receive raw dairy. While the attacker is still unknown, this “cyber event” would go on to cause a dairy shortage just in time for the holiday season.

Other cyberattacks on the food and agriculture sector

Because of the ease of attacking food and beverage facilities, cyber incidents have been proliferating throughout the space — especially with Ransomware-as-a-Service (RaaS) becoming more readily available. According to Claroty, More than “40% of food and beverage-sector respondents had their OT environment impacted by a ransomware attack in the past year” with 50% of those victims reporting a substantial disruption.

In May 2021, JBS, one of the world’s largest meat processing companies, experienced a ransomware cyberattack that impacted its operations in the United States, Canada and Australia. The attackers, believed to be from a Russian-based criminal group called REvil, demanded a ransom of $11 million to restore JBS’s systems.

The attack disrupted JBS’s meat processing operations, causing some plants to shut down temporarily and leading to concerns about potential meat shortages. However, JBS has stated that it was able to quickly restore its systems and did not believe any customer, supplier or employee data was compromised. The FBI confirmed that the ransom was paid to the hackers, but that they were able to recover a significant portion of the funds.

The JBS cyberattack highlights the vulnerability of critical infrastructure and the increasing frequency and sophistication of ransomware attacks targeting large companies.

Another cyberattack on the food and beverage industry occurred when Molson Coors suffered a breach that caused a temporary halt in production. The downtime from mitigating the attack caused serious company losses, but they were able to ramp up production at a reasonable pace.

Schreiber Foods cyberattack

Schreiber Foods has established itself as an industry titan, producing 75% of yellow cheese that goes on fast food, as well as producing plenty of sour cream.

The ransomware attack on Schreiber Foods occurred in October 2021 and targeted their dairy computer systems, causing disruptions in production and supply chain operations. The dairy computer systems are a major part in milking cows, determining the quality of raw milk and organizing the inventory. As a result, the company was unable to fulfill orders for dairy and cheese, leading to shortages at grocery stores and restaurants across the country. The incident was a reminder of the growing threat of cybercrime to businesses, regardless of their size or industry.

According to Wisconsin State Farmer, “It’s a lose, lose, lose scenario — the farmer, the cooperative, the cheese plant and other companies that buy ingredients from Schreiber.”

Schreiber Foods is just one example of the multiple known (and probably unknown) attacks happening on the food and beverage industry. Hackers are using increasingly sophisticated methods to breach their systems, like RaaS. This is particularly concerning in the food and agriculture sector, where a cyberattack could have serious implications for public health and safety.

According to Wisconsin Public Radio, researcher John Hoffman stated that, “They tend to have older software, they tend to have older devices and they’ve been working for a long time. They’re still doing exactly the same thing. So if the device works and the software works, ‘don’t fix something that’s not broken’ is kind of the view of it. The truth, however, is these devices are vulnerable.”

The industry’s supply chains are complex and interconnected, with many businesses relying on each other for the production and distribution of food products. A cyberattack on one company can quickly spread to others, causing widespread disruption and potential health risks. The Schreiber Foods incident highlighted the need for businesses in the food and beverage industry to take cybersecurity seriously and implement measures to protect their systems and data.

The consequences of an attack on a food or beverage company can be severe. In addition to production and supply chain disruptions, a cyberattack can lead to data breaches and theft of sensitive information, including customer data and financial information. This can have long-lasting effects on a company’s reputation and financial health.

The Schreiber Foods cyberattack was a wake-up call for businesses in the food and beverage industry to take cybersecurity seriously. As the threat of cybercrime continues to grow, it is essential that companies invest in the necessary resources and expertise to protect themselves and their customers from potential harm.




Keep your finger on the pulse of top industry news