Food manufacturers top three for ransomware attacks

Food-manufacturers-top-three-for-ransomware-attacks.png
Food manufacturers rank highly as targets for ransomware attacks

Food and drink firms were the third most targeted sector in the manufacturing industry for cyber-attacks, according to new research from cybersecurity firm Dragos.

The second quarter of 2023 saw 14 ransomware attacks against food and drink manufacturers globally, the third highest after equipment manufacturers (26) and electronics manufacturers (23).

Manufacturers were the most targeted for cyber security attacks, with 177 reported cases of ransomware against businesses in the second quarter alone – 70% of all alleged attacks. This was up from 143 in the previous quarter.

In total, Dragos detected 253 ransomware incidents in the second quarter of 2023, an 18% increase from the previous quarter. Of these attacks, 120 were reported in North America, 77 in Europe, 35 in Asia, 10 in South America, four in Africa, four in the Middle East and three in Australia.

Rapid growth of ransomware ecosystems

Dragos senior threat analysist Abdulrahman H. Alamri said: “The rise in ransomware attacks on industrial targets and their consequential impacts highlights the rapid growth of ransomware ecosystems and the adoption of different tactics, techniques, and procedures by these groups to achieve their objectives.”

Ransomware attacks are a threat to the entire supply chain. An incident further up the chain may not immediately affect a food business, the consequent delays it can create can prove devastating, especially for our just in time system.

An example given by Dragos was an incident involving and attack on the Port of Nagoya in Japan, which impacted the port’s operations and subsequently affected the supply chains of other industrial organizations, including the Toyota packaging line.

More to come…

Alamri said this wasn’t a problem that will be going away any time soon: “Dragos assesses with high confidence that ransomware will continue to disrupt industrial operations, whether through the integration of operational technology (OT) kill processes into ransomware strains, flattened networks allowing ransomware to spread into OT environments, or precautionary shutdowns of production by operators to prevent ransomware from spreading to industrial control systems.

“Due to the changes in ransomware groups, Dragos assesses with moderate confidence that new ones will continue to appear as either new or reformed ones in the next quarter. As ransomware groups’ revenues continue to decrease due to victims’ refusal to pay ransoms and government efforts to prohibit this, Dragos assesses with moderate confidence that ransomware groups will increase their efforts to cause damage to industrial organizations in an attempt to fulfil their financial objectives.”

Meanwhile, as food processors aspire to implement the latest technology and digitisation, what is preventing cyber-criminals from ruining everything? Food Manufacture spoke to experts in the field of cyber security to explore how manufacturers can get one up on would-be hackers.