If you’re watching the news at all these days, you’d do well to take note of a few ransomware and cyber-attacks making major headlines. The Colonial Pipeline, transporting nearly 45% of all fuel consumed on the East Coast, was hit in May shutting down gasoline distribution and sending families from the east coast to Texas into panic over potential gas shortages and price hikes.
The recent JBS cyber-attack impacted five of America’s largest beef plants from complete shutdown to cancelled shifts and the economic fallout from that remains to be seen, but with JBS being the leading supplier of beef in the United States don’t assume the next time you want a good beef tenderloin you might not pay a pretty penny for it.
These attacks are not going away.
In fact, these coordinated attacks are increasingly the threat of choice regardless of industry.
In 2019, a $52 million attack halted production and caused a switch to manual operation striking Norsk Hydro, one of the world’s largest producers of lightweight metal. The year before, a cyber-attack caused an estimated loss of $170 million, to one of the largest manufacturers in Taiwan. Remember the 2003 Blackout in the Northeastern part of the United States? That attack left people without power for 4 days causing billions of dollars in economic upheaval.
Progressively intelligent and inventive hackers are diving headlong into disrupting systems across the globe. With aging infrastructure across the United States and legislation currently stalled out in Washington it is incumbent on municipalities and companies themselves to focus on their own cyber security.
Consider the risk.
“There have been more than 40 publicly reported ransomware attacks against food companies since May 2020,” said Allan Liska, senior security architect at cybersecurity analytics firm Recorded Future.
According to KnowBe4, a provider of security awareness training, the average downtime resulting from a ransomware attack is 9.6 days. What would that mean for your production line? A costly interruption at the very least.
Mitigate your risk and plan now for a system-wide Cybersecurity Risk Assessment on industrial automation and control systems (IACS). Part of that risk assessment entails identifying threats to and vulnerabilities in the existing IACS cybersecurity.
When vulnerabilities exist within a network that is not segmented properly between different plants or systems, companies and municipalities open themselves up to greater risk. Foundational to evaluating risk is Restricting Data Flow ensuring the control system is logically segmented into different zones and the flow of data is limited between these zones.
How many companies lie behind the belief that “it will never happen to us?” Don’t take a chance, reach out today and let us perform a risk assessment and help protect your production lines from cyber-attacks.
Senior Electrical Engineer
ISA/IEC 62443 Cybersecurity Fundamentals Specialist ISA/IEC 62443 Cybersecurity Risk Assessment Specialist Huffman Engineering
Huffman Engineering, Inc. (HEI) is an engineering services firm specializing in control system integration, design, and engineered studies. Our start-to-finish project expertise includes design, development, implementation, support, testing, and operator training serving industrial customers and municipalities, with a focus on pharmaceuticals, life sciences, utilities, and food & beverage. HEI has a 34-year history of delivering system integration projects and building robust, reliable automation systems for highly regulated industries meeting stringent regulatory requirements including the FDA, USDA, and EPA among others. HEI is a CSIA Certified control systems integration company, with a highly-skilled team of electrical/mechanical engineers, and experienced technicians who deliver optimal industrial automation solutions. Based in Lincoln, Nebraska, Huffman Engineering has served the Midwest since 1987.