From Farm to Firewall: Protecting Food Manufacturing in the IoT Era

From smart sensors monitoring crop health to automated warehousing systems, Internet of Things (IoT) devices improve efficiency and traceability across the food processing supply chain. As the agri-food sector increasingly adopts these new technologies, it adds new attack vectors that malicious actors can exploit. According to the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC), ransomware attacks against this sector accounted for 5.5% of all attacks and were primarily financially motivated. A ransomware attack against the agri-food sector impacts the victim organization and the entire food supply chain, impacting food availability and customer prices. 

Even more concerning, an attack against industrial control systems (ICS) and IoT devices could seek to manipulate food safety data. For example, food manufacturers increasingly use IoT sensors to trace food origins, and unauthorized changes could hide the source of contamination, ultimately impacting human health. 

To implement the appropriate security controls, food manufacturers need to understand the risks they face and adopt processes for mitigating them. 

The Role of IoT in Food Processing

IoT improves overall operational efficiency while enhancing food traceability and safety. For many businesses, these technologies enable healthier crops and optimized resource use. 

Monitoring Crops with Sensors

Sensors collect data that can identify issues across agricultural operations. For example, sensors can track conditions that impact yield like:

• Soil moisture
• Temperature
• pH level

Additionally, drones equipped with IoT technology gather data on crop growth and weather patterns. With these insights, businesses can make informed decisions about irrigation and fertilization that improve crop health and reduce resource use. 

Food Traceability

IoT enables businesses to track food products’ journey from source to consumer. In a food safety crisis, this precise and transparent data enables rapid identification of quality or contamination issues to:

• Minimize impact
• Maintain food product quality
• Build customer trust

Advanced Automation in Warehousing

By using IoT to advance warehouse automation, businesses gain real-time tracking that reduces spoilage and waste by:

• Monitoring stocks levels
• Tracking expiration dates
• Detecting early signs of spoilage
• Limiting pest infestations

Optimizing Crop Storage

With IoT sensors, the agri-food sector can improve freshness and enhance inventory management with real-time information about storage conditions. For example, sensors can provide insight into:

• Stock levels
• Conditions, like temperature, moisture levels, humidity, air quality
• Pest infestation

Using data to detect patterns and trends, businesses can predict maintenance needs or optimize storage practices that improve food quality and operational efficiency.

Why do Cybercriminals Target Food Manufacturers?

Cybercriminals target food manufacturers because they see the industry as vulnerable. Attackers may choose to target the food industry for the following reasons:

• Lack of Cybersecurity Investment: Food manufacturers operate on slim profit margins which leaves little money to invest in security technologies. 
• Introduction of Counterfeit Products: Cybercriminals may access distribution systems and introduce fake products, risking food safety and brand reputation.
• Phishing Tactics: Lack of cybersecurity budget can negatively impact employee cybersecurity awareness capabilities, making it easier to successfully trick people into clicking on malicious links or downloads.

How do Cyber Threats Affect the Food and Agriculture Sector?

The food industry is highly interconnected, meaning that a successful attack that disrupts warehouse or transportation systems can impact the entire food supply chain. 

Impact on Food logistics

Cybercriminals can exploit weaknesses in IoT technologies connected to logistics systems. Successful attacks can stop food production and distribution, leading to shortages and increased costs across markets.

Supply Chain Disruption

Cybercriminals target automated systems which can compromise the entire supply chain. For example, a cyber attack against Dole Food Company shot down North American production plants that stopped food shipments to grocery stores. 

Financial Impact

According to the 2024 Cost of a Data Breach report, the average data breach costs $4.88 million, a 10% year-over-year increase. When calculating a data breach’s potential financial impact, organizations should consider the following:

• Restoration and recovery costs
• Business disruption
• Customer notification costs
• Legal and regulatory costs, like responding to lawsuits or fines for compliance violations

Customer Trust and Health

In the food industry, a cyber attack can cause damage to customers beyond the impact to their data. When cybercriminals deploy ransomware attacks, they increasingly steal data to “hold it hostage,” trying to force organizations to pay the ransom. Additionally, attackers could attempt to manipulate information to conceal food contamination, ultimately harming people’s health. 

Challenges for Securing IoT

While IoT offers benefits, it comes with new risks. Many agri-food organizations face challenges when trying to secure their IoT deployments. 

Lack of Visibility

Many organizations struggle to identify all IoT devices connected to their networks, creating a shadow IT problem. When organizations manage to identify and inventory the devices initially, they still have an ongoing management and visibility issue since new IoT devices are added to the network regularly. 

Lack of Standardized Security Requirements

While various industry organizations and regulatory agencies have begun creating standards to define IoT security, no consensus exists yet. IoT device manufacturers are not bound by a consistent set of security guidelines, meaning that every device can create a unique risk. 

Failure of Traditional Security Tools

Traditional vulnerability tools use active scanning, meaning that they send requests to the endpoints and assess the responses. By simulating an attack they can uncover security weaknesses. However, these processes can impact IoT device availability, disrupting business operations. 

Infrequent Security Updates

Alongside the lack of standardized security requirements, IoT devices often run on firmware that their manufacturers update infrequently. Organizations often need to proactively look for updates or implement compensating controls that mitigate risk. 

Best Practices for Securing IoT in Food Manufacturing

As IoT becomes increasingly vital to the agri-food industry, organizations should consider the following best practices for securing their connected devices:

• Use passive scanning to identify devices and collect information about hardware, software, device type, and function
• Assess risk by incorporating context like device importance, network neighbors, exploitability, and difficulty of exploiting the device
• Implement a targeted segmentation strategy that categorizes devices based on similar exploit vectors and keeps similar devices on the same logical network segment
• Disable unnecessary features and services to limit connectivity and functionality
• Maintain a security configuration and monitor for configuration drift when adding new devices to the network or updating firmware/software
• Create a baseline of normal device activity and monitor for anomalous behavior that could indicate risky connections, like with an attacker command and control (C2) server

Asimily: IoT Security Solution for Food Manufacturing

Asimily is purpose-built to manage IoT devices so that organizations have visibility into and control over their fleets. Our platform provides context, taking into account vulnerabilities and the IT environment, so organizations can mitigate risk more effectively. 

Organizations efficiently identify high-risk vulnerabilities with our proprietary, patented algorithm that cross-references vast amounts of data from resources like EPSS (Exploit Prediction Scoring System), Software Bills of Material (SBOMs), Common Vulnerability and Exposure (CVE) lists, the MITRE ATT&CK Framework, and NIST Guidelines. It understands your unique environment, so our deep contextual recommendation engine can provide real-time, actionable remediation steps to reduce risk and save time.

To learn more about Asimily, download our IoT Device Security in 2024: The High Cost of Doing Nothing whitepaper or contact us today.