Cyberattacks, Hacking and Phishing Scams: the Food Processing Industry’s Multimillion-Dollar Problem

Food processing facilities have come a long way since pre-industrial days. Each year, food and beverage companies rely more heavily on automation, high-tech building management systems, remotely accessible machine sensors, modern data collection and the latest technology. While these innovations can help facilities run more smoothly, they can also leave them vulnerable to data breaches and cyberattacks. 

In 2020, the average cost of a cyberattack was approximately $3.86 million, according to the Association for Packaging and Processing Technologies (PMMI). When computer intrusions happen, cybercriminals are typically seeking out a company’s intellectual property or customer and client data that can be exchanged for digital currencies, like passwords, protected health information, personal identity information and credit card information. 

Every company will be targeted by a malware or ransomware attack at some point. It’s just a matter of when, so it’s vital to have a robust cybersecurity plan that protects your assets and information.

4 tips for preventing network hacking and data breaches

It is paramount to have in place a cybersecurity plan before an incident occurs. The last thing you want is to be left scrambling in the wake of a cyberattack.

1. Develop and implement a security awareness program

Every employee should be trained to recognize security attacks, especially considering 90% of all data breaches come through email.  One click — even an accidental one — can cascade into a company-wide ransomware issue that could potentially cost millions of dollars.  

Your program should also include a designated incident response team that works with your risk management department. As you build your team, make sure to include department representatives from human resources, information services and corporate communications. It’s also imperative that the incident response team has at least one engaged executive leader to champion the program and the team. 

You may need to outsource to fill the Information Technology/Information Services (IT/IS) role on the team if there is not a qualified expert on your staff who can run a forensic diagnosis in the event of a data breach. 

2. Set security standards

Draft a clear security policy framework using a standard like those of the National Institute of Standards and Technology (NIST) or the Department of Defense Cybersecurity Maturity Model (CMMC). 

Use a maturity model to gauge where your company falls on the cybersecurity scale — a level one meaning there are little to no security policies in place, and a level five meaning a completely mature and automated plan. Most companies, especially in the food industry, sit around a 2.5 to a 3 level. They may have established operational controls, but are more reactive than proactive in implementing them. Use the results of the maturity model assessment to set cybersecurity goals for your plant. 

3. Make security part of your company culture

Security is not just an information technology problem. It is a company-wide challenge that employees should be keenly aware of year-round. According to PMMI, 11% of the most serious and damaging of all cyberattacks involve some kind of employee carelessness.

Some proactive security measures to consider adopting:

  • Connect remote workers with a secure virtual private network (VPN).
  • Implement multi-factor authentication. Passwords alone are not secure.
  • Make sure employees do not write down their passwords or leave other valuable information laying around. 
  • Safely dispose of documents containing private information.
  • Establish clear reporting guidelines for suspicious activities. 
  • Screen incoming suppliers at the door. 
  • Evaluate the physical security in your food processing plant.
  • Verify all wire transactions by phone. Do not rely solely on email confirmation.
  • Develop required training for on-boarding employees and require all employees to renew training at regular intervals to ensure everyone is aware of the latest threats and protections.  
  • Make sure you have a tested backup and recovery process to recover information that is lost or damaged during a ransomware attack. 

4. Investigate cybersecurity insurance

Obtaining cybersecurity insurance can offset your risk in the event of a data breach, especially if you are dealing with sensitive client information. The proper coverage can insulate your company from some of the losses in the event you are asked to pay a ransom. However, there is no guarantee cybercriminals will return key data, even if that ransom is paid. 

As technology evolves, so too must your cybersecurity plan

Your food processing facility may already have a cybersecurity awareness program in place. However, the work-from-home business model is presenting processing plants with new cybersecurity challenges, so you may need to reevaluate your plan. Additionally, consider that as technology becomes more sophisticated, so too will costly phishing scams and online threats.

Cybersecurity failures lead to reputational damage, not just monetary loss

In 2021, a hacker targeted a water treatment plant in Oldsmar, Florida, a small town near Tampa. The city’s water supply was nearly poisoned when the hacker infiltrated the plant’s remote access program and briefly increased the amount of sodium hydroxide in the water. Thankfully, a supervisor caught the online tampering and reversed the settings before any long-lasting harm was done. 

This instance proves that cyberattacks do more than hurt your bottom line. They can physically hurt your employees or customers and do irreparable damage to your company’s reputation. If the public learns of the hack, as they did in the water treatment plant case, you may lose its trust. That kind of loss is much harder to quantify than material damages and could even put you out of business.

Contractors can be the weak link

In recent years, the construction industry has become a big target for hackers. In fact, the construction industry was the most frequently hit by ransomware in 2021, according to IAT Insurance Group. This is partly due to the fact that construction companies often use enterprise data warehouses to store corporate data from operational systems in a cloud-based server or the company’s mainframe server. If left unprotected, hackers can access these servers and hold hostage key information affecting project timelines. 

In 2013, hackers breached Target’s security and accessed its network, taking over the national department store chain’s point-of-sale system. Over the course of several months, the cybercriminals were able to steal data on roughly 40 million debit and credit cards. Despite Target being a large corporation, and likely having a strong cybersecurity plan, the hackers were able to do this by stealing login credentials from one of Target’s heating, ventilation and cooling subcontractors. This is a strong reminder that it’s paramount that owners ensure there are no weak links in their operation. Vendors, as well as employees, must be compliant with your security program.

Before hiring a contractor to build or renovate your next food processing plant, you can download Stellar’s subcontractor prequalification checklist to verify they have a strong cybersecurity plan. Once you find the right fit, make sure to include security standards in any hiring contract you draft. 

What do you do after a hack?

If a cybersecurity hack occurs, ensure your incident response team is able to preserve as much of the evidence of the attack as possible to determine where it came from and how to clean it up. If you need to report the crime to authorities, there must be a clear chain of custody to help officials recover that information in a timely manner and have any chance at all of prosecution.

Once you determine how the attack happened, you will be able to see where your weak links are and train employees to recognize them moving forward. Be sure to close any loopholes the cybercriminals used to access your network, such as unpatched servers, weak passwords or unsecure exposed services.  

Finally, knowing the root cause of the attack and performing a cost-benefit analysis will help the incident response team determine how to best protect your data and intellectual property in the future — whether through new technology or by investing in additional cybersecurity measures. While this may drive up overhead costs, cyberattacks can have catastrophic results, so you cannot afford to be negligent. 

Want to learn more about how to protect your business from cybercriminals? Leave a comment below or email me at


Your email address will not be published. Required fields are marked *