The pandemic that's plaguing the digital world now is cyber-attacks. Almost all industries have fallen prey to it and of course, the Food and Beverage industry is no exception. In this article we will be talking about different types of cyber attacks and the wreck they can cause.
Technology has become the walking stick to every industry’s limp. But the rise of the digital wave has brought in high risks of data breaches in tandem. Cyber-attacks have the power to break a successful firm and can leave the firm in a milieu of acute reputational and monetary loss. With the rise of the Internet of Things, one hacked IoT device can grant the hacker access to all the crucial systems and sensitive data of the firm. The General Data Protection Regulation (GDPR) legislation enforces firm guidelines on the procurement, processing, and management of personal data. Violation of this legislation imposes stringent fines up to 20 million EUR or 4% of the company’s turnover. In case of a data breach where the personal data is likely to lead to risks for rights and freedoms of data subjects, the GDPR mandates that the firm notify all those who are affected, which in turn can again lead to added costs.
The most common threat that the Food and Beverage industry faces is the ransomware attack. The Cybercrime Magazine estimates that the with the damages caused by ransomware attacks can amount to almost 20 billion USD by the end of this year. Ransomware is software that pervades the victim system and shuts down operations till a particular fee is paid to the perpetrators. The organization loses control of its system and its data till they pay the stated fee to retrieve control of the same. This malware works by encrypting the data on the system and holding the files hostage in exchange for a hefty sum of money. Upon receiving what they asked for, the perpetrators share the decryption key to the organization which enables them to get back control of their systems. In most cases, ransomware attacks, apart from leading to a huge loss of money, can also lead to compromised sensitive data, if the attackers made a copy of the data they seized.
Several food and beverage companies have fallen into the ransomware trap. In 2020, REvil, a ransomware attacked an American food supplier company - Harvest Sherwood Food Distributors, by holding hostage close to 2500 files, including vendor information, images of people employed with the firm, distributor data, and sensitive insurance content. The ransom amount was a whopping 7.5 million USD.
Another top organization that was crippled by a ransomware attack is the global snack company Mondelez, which lost close to a 100 million USD in ransom, technical and operative costs. This ransom affected the company’s financial network, sales, and distribution. It disrupted the company’s supply chain as a result of which the company’s sales dropped down by almost 140 million USD. This attack ceased production activities at their Cadbury factory in Africa, where the computers shut down. Invoices were cut short and logistics suffered a colossal hit.
Another type of attack meted upon this industry is the DDoS attacks. DDoS or distributed denial of service attack is a malicious attempt to havoc the regular traffic of a website. You can think of a DDoS attack as a sudden traffic jam obstructing the roads, thereby blocking the usual traffic from reaching its destination. The DDoS attack causes the website to crash or become unavailable to the users, thereby putting a halt to all transactions that could take place on the website.
In 2020, a German Food Delivery Service, Liefrando, which operates with close to 15,000 restaurants, was subjected to this fatality. The perpetrators demanded ransom money of 2 bitcoins, worth approximately 65,000 USD. This attack caused extensive delays in the processing of food orders and disrupted the entire functioning of the organization.
Next, we have the phishing attacks, which is currently on an upswing. Phishing attacks, a type of social engineering attack, aim to secretly install malicious software or trojans into an organization’s IT infrastructure and gain access to its confidential data. It is often carried out when a perpetrator impersonates as a trusted entity and tricks the victim into opening an email or message that triggers the release of the trojan into the system. Social engineering techniques like pretexting and baiting are other ways common ways by which perpetrators get into the IT environment of these industries.
Called the easiest industry to infiltrate, the Food and Beverage industry’s data security norms aren’t always in their most robust form. However, the monetary expense encircling this issue has magnetized sufficient attention in the recent past which has lead to a shift towards more secure and resilient cyber systems. So what are the measures that can be taken to curb cyber-attacks and ensure data protection? Check out https://www.foodstheword.com/post/defense-against-cyber-attacks to know more!