Have you ever thought about the complex supply chain that ensures you will start your morning with some fresh-flavored yogurt, a bowl of cereals filled with milk, or a caffeine-pumped cappuccino?  These days it’s not just the cow, farmer, and nearest supermarket branch who are responsible for production and delivery, but also the Chief Information Security Officer (CISO) who keeps the dairy industry’s continuous production up and running.

In recent years, at least seven global dairy distributors have fallen victim to sophisticated cyber campaigns, resulting in disrupted production, hefty ransom payments, and a tangible danger to the global food supply. This article explores the alarming rise of interest by threat actors, cybercriminal groups, and state-sponsored groups alike in the dairy sector and its horrendous consequences on sustainable food security.

Don’t [Wanna]Cry Over Leaked Data

The dairy industry is facing a game-changing menace —high-profile targeted cyber threats.

The dairy sector’s economy cannot be underestimated. with a market share valued at $893 billion in 2022 and projected to reach $1.243 trillion by 2028, (a 5.79%. CAGR growth rate), and with the world’s population exceeding 10 billion by 2050, dairy commodities remain a fundamental building block in the average people’s diet. Unfortunately, this is what makes the industry an attractive target for threat actors who are looking for a piece of cheesecake.

The next time you’ll hear about a nationwide dairy shortage, it wouldn’t be a result of cattle Bovine spongiform encephalopathy (mad cow) disease, Acorn Toxicity, or even a PETA successful campaign, it would be because clever threat actors breached and halted production in one of the major dairy distributors around the world.

Who Leaked My Secret Recipe?! Notable Cyber Attacks in the Dairy Industry

Over the past years, dairy giants have fallen victim to cyber-attacks, causing significant disruptions in dairy supply due to plant shutdowns, heavy financial losses, and even an unprecedented acquisition postponement. Some of the most notable incidents include DFI Retail Group (formerly Daily Farm), Dairy Queen, HP Hood Dairy, Schreiber Foods, Lion, Mondelz International, and Lactalis Group.

The REvil Group’s ransomware attack on Dairy Farm, demanding a $30 million ransom and risking data theft; multiple locations of Dairy Queen compromised across 46 U.S. states, potentially exposing customer payment card information; HP Hood Dairy facing cybersecurity events leading to temporary shutdowns of all 13 dairy plants, causing delivery delays and product spoilage; Schreiber Foods, one of Wisconsin’s largest cheese manufacturers, impacted by a cyber attack on their plants, distribution centers, and supply chain operations; Lion, one of Australia’s largest beer brewer and dairy processor, forced to halt production due to a cyber attack; Mondelz International’s ransomware attack disrupting production and delaying the Vegemite brand acquisition; and Lactalis Group experiencing a cyber attack targeting their servers, resulting in restricted internet access and potential data breaches.

Food Poison as a Service: Consequences of Cyber Incidents in the Dairy Industry

According to the American Food Protection and Defense Institute (FPDI), “Dairy processors, in particular, may face unique challenges in defending their computer operations because of their use of legacy systems”. The consequences of a successful cyber incident extend beyond financial losses and disrupted production. It can cause public health risks and safety concerns such as breaching the manufacturing floor, tampering with the added ingredients, Supply chain disruptions leading to food shortages, animal welfare concerns, and wasted products that cannot be stored for a long period, and trust issued with both consumers, investors.

Money is White and Smells Like Goat Cheese

As hackers increasingly exploit vulnerabilities in legacy systems, OT networks, and industrial control systems used in the dairy sector, it becomes imperative to protect the global food supply by prioritizing the dairy industry as a strategic threat and implementing advanced cybersecurity measures. Strengthening security requires a combination of strategies, best practices, and collaboration, such as patching critical systems, investing in modern infrastructure and technology, and improving regulation and security standards. Dairy giants with a significant impact on a large volume of people should enforce policies, enhance security measures, conduct regular employee training and awareness programs, perform penetration testing, and establish incident response teams. Premium cyber solutions, skilled IT staff, robust backup strategies, and comprehensive cyber awareness programs should be essential components rather than luxuries for these establishments to prevent disruptions in the food supply chain. The success of protecting against cyber threats relies on the committed collaboration of decision-makers in the dairy industry, cybersecurity experts, and government support through legislation.

Between Butter and Margarine

By recognizing the unique challenges faced by the industry, implementing robust cybersecurity measures, and fostering collaboration, the dairy industry can fortify its defenses and ensure the safety and integrity of the supply chain and continuous global food security. The only way to keep the milk flowing is by high investment, clear regulation, and enforcement. The time to act is cow.