By The Claroty Team | March 18, 2022

2021 saw a spike in organized cyber attacks impacting the food and beverage sector. Most notably, a June ransomware incident that forced JBS Foods—the world’s largest meat supplier—to shut down some of its plants and distribution operations. The company disclosed that it paid $11 million to the hackers behind the attack, identified by the FBI as the REvil ransomware-as-a-service group. The incident served as a wake-up call for many food and beverage companies, representing the shift from opportunistic, spray-and-pray cyber attacks to more deliberate, targeted campaigns against specific companies with low tolerance for operational downtime, such as JBS, with its massive scale and 24/7 production schedule.

Another ransomware-as-a-service incident—which forced NEW Cooperative to shut down its operations in September—came just weeks after the FBI issued a private industry notification (PIN) warning the food and agriculture sectors of the rising threat of targeted ransomware attacks. Following the incident, Claroty Chief Product Officer Grant Geyer noted that the incident should serve as a call-to-action for food and beverage companies to adopt best industrial cybersecurity best practices such as gaining complete visibility across their operational environments, continuously monitoring for threats to cyber-physical systems, and implementing industrial network segmentation to prevent the lateral spread of threat actors.

In an effort to better understand how industrial enterprises across all sectors are responding to mounting security challenges as digital transformation introduces new risk to cyber-physical systems, Claroty contracted with Pollfish to conduct an independent, global survey of 1,100 IT and OT security professionals for its latest Global State of Industrial Cybersecurity report. Our food and beverage industry snapshot zeroes in on the responses of the 36 respondents who work in the sector to glean insight into how its security practitioners are adapting to evolving challenges.

Here are some highlights:

  • More than forty percent of food and beverage-sector respondents had their OT environment impacted by a ransomware attack in the past year.
  • More than one third of food and beverage-sector respondents say the revenue impact of operational disruption caused by a ransomware attack would be at least a million dollars per hour.
  • Among food and beverage-sector respondents impacted by a ransomware attack, only 11% reported nonexistent or minimal disruption, while 51% reported substantial disruption.
For more food and beverage sector-specific insights from our global survey, download our Global State of Industrial Cybersecurity: Food & Beverage industry snapshot.