Feature
Drinks industry faces cybersecurity challenges from smart manufacturing
As the beverage industry faces burgeoning cyberattack risks from automated systems, cybersecurity is a crucial investment, writes Sraddha Sabu.
Food and drink were the most targeted sub-sector of the manufacturing industry in Q3 2023.
For the complex, connected networks of manufacturing systems that span the globe, computer viruses can bring business operations to a standstill.
In 2017, a series of cyberattacks using the Petya malware infected thousands of servers and tens of thousands of laptops belonging to Mondelēz International brought production to a standstill at multiple factories owned by its Cadbury brand and cost nearly $200m in damages. In January this year, US wine producer Crimson Wine Group reported a cybersecurity breach involving hackers who had extracted potentially sensitive data.
Attacks are on the rise. According to one report, global cyberattacks more than doubled in 2023, with manufacturing found to be the second most at-risk industry, having faced a 165% increase from the previous year.
During Q3 2023, food and drink manufacturers in particular were the most targeted sub-sector of the manufacturing industry, according to research by cybersecurity firm Dragos.
Vinod D'Souza, head of manufacturing and industry at the office of the chief information security officer for Google Cloud, tells Just Drinks: “The manufacturing industry is a prime target for cyber attackers, who are increasingly using multi-faceted extortion and espionage tactics to gain access to sensitive data and disrupt operations.”
“Additionally, legacy operational technology (OT) systems could be exploited for their vulnerabilities. These attacks can be difficult to detect and mitigate, as they often exploit vulnerabilities in third-party software or hardware.“
As the beverage industry evolves into intelligent networks of Industry 4.0, replete with advanced analytics, artificial intelligence (AI) and industrial internet of things (IIoT) optimisation for smart manufacturing, new cybersecurity risks also arise.
Smart manufacturing on the rise in beverage industry
“We are seeing a wide variety of ‘smart’ use cases in the beverage industry that are underpinned by large data sets,” says D’Souza.
“AI and machine learning are accelerating market analysis of consumer preference data and that has made the industry more responsive to shifting consumer trends. Smart production facilities and optimised distribution networks are critical aspects of this more agile product-to-consumer ecosystem.”
These benefits include the reduced costs of implementing predictive maintenance, managing inventory and energy consumption efficiently, customised and flexible production, quality control to check defects or inconsistencies and bringing visibility to the supply chain through farm-to-fork tracking.
Heineken, for example, has retrofitted breweries with digital capabilities and connected them to a single IoT platform called the connected brewery ecosystem. The system includes real-time data integration, predictive analytics, and even a digital twin to optimise energy usage.
PepsiCo has automated manufacturing systems in ‘intelligent’ warehouses that use robots, sensors, and IoT technologies for optimised production.
Why are smart manufacturing systems more exposed to cyber risk?
However, these benefits bring amplified cybersecurity risks with them. Previously, information technology (IT) and OT systems were separated physically, making OT systems less susceptible to cyberattack.
“Connecting OT to the internet and IT networks enables data sharing and efficiency but also exposes these systems to potential exploits,” says D’Souza. “Not only are all components of the factory floor connected to each other, increasing the risk of a cascading failure in the event of an attack, but they are also connected to the internet, which exposes the system to a global interface of cyber risk.
This is a view to which Michael Metzler, vice president of horizontal management cybersecurity for digital industries at Siemens, also subscribes.
“Industrial control systems and Supervisory Control and Data Acquisition systems are integral to automated manufacturing processes and are also potentially vulnerable to cyberattacks,” he tells Just Drinks.
Thomas Richards, principal consultant at application security testing software provider Synopsys Software Integrity Group, adds: “Attackers are focusing more on less mature industries and without proper network segmentation, authorisation, and access controls, the smart manufacturing network is at risk for ransomware or other cyberattacks.”
According to the GlobalData’s 2022 Cybersecurity in Consumer Goods report, components of the manufacturing systems can also vary in vendor, model and age, making it challenging to standardise a cybersecurity software across the factory floor.
Rory Gopsill, a senior consumer analyst at GlobalData, explains: “One of the problems international companies are facing is that they have lots of production facilities around the world, all of which contain lots of different machines and systems that often differ in vendor and installation date. This means it can be very difficult for these big companies to maintain visibility over their machines and systems (i.e. the attack surface for threat actors) and to coordinate security practices in any simple way. “
Smart manufacturing is also dependent on big data.
“Additionally, there will be data dependency as meaningful insights from massive data sets are generated by large numbers of connected sensors and if this data is compromised or manipulated, it could lead to inaccurate insights, poor decision-making, and operational disruptions,” says D’Souza.
Moreover, the increased reliance on third-party software, cloud services, and interconnected systems increases the risk of both physical and software supply chain attacks.
“A breach in a supplier’s system could compromise the entire manufacturing process and dependent software supply chain,” he says.
Finally, he notes, the use of remote access for monitoring and control can expose the system to increased risk of unauthorised access and potential sabotage if the security protocols are inadequate: “Compromised IoT devices can grant attackers access to the broader network, disrupt operations, and exfiltrate sensitive data.”
These risks can have a significant impact on operations in the drinks industry, leading to halted or slowed production lines, product quality degradation – including manipulation of recipe formulations or contamination – financial losses, delays and disruptions in the supply chain, breached contracts, litigation risk and safety hazards to works and consumers.
What are the main cybersecurity threats?
“One major threat is ransomware attacks, which can encrypt critical data and systems, bringing production lines to a standstill,” says Metzler. “Recovery from such attacks often incurs substantial costs, both from potential ransom payments and the effort to restore systems from backups.”
Attacks can also include phishing, malware, and supply chain threats. In the future, D’Souza predicts that there will be increased sophistication and frequency of attacks, the rise of AI-powered attacks, further expansion of the attack surface and more supply chain attacks.
How can smart manufacturing systems be secured?
“Manufacturing networks have historically been difficult to secure due to the sensitivity of the equipment when conducting security assessments,” says Richards. “Proper design, threat modelling, and testing practices need to be done before the networks are operational to identify potential risks and mitigate them.”
Drinks companies are implementing proprietary solutions or turning to a range of cybersecurity providers, such as Armis Security, Claroty, Dragos, Nozomi Networks, Sangfor Technologies, PDI Software, Nagios, Rhebo and Trap X to secure their IT and OT environments.
Coca Cola partnered with Sangfor technologies to use its endpoint security solution to secure its China operations from the ‘Driving Life’ virus, a threat known for evading traditional detection systems.
Metzler says that Siemens recommends implementing its “multi-layered defence-in-depth concept” – extended by zero-trust principles.
He explains: “This concept complies with the recommendations of IEC 62443, the leading standard for security in industrial automation. It comprises three pillars: Plant Security, Network Security and System Integrity. With this, all key factors are taken into account, including physical access protection and organizational measures such as guidelines and processes as well as technical measures to protect networks and automation systems against unauthorized access, espionage and manipulation.”
D’Souza, recommends establishing a robust patch management process to ensure timely application of patches across all systems and softwares, implementing more advanced detection and response capabilities, and creating incident response and business continuity plans.
A range of software tools are available – such as asset identification and threat detection software, remote maintenance platforms, and network management systems with integrated security features.
Both D’Souza and Metzler emphasise the importance of investing in cybersecurity professionals who can address both IT and OT systems.
D’Souza says: “There's a shortage of cybersecurity professionals with expertise in both IT and OT security, making it challenging to implement and manage effective security programs. Partnering with a hyperscaler is frequently a big value add for manufacturers in this space. Many manufacturing facilities still rely on legacy systems that may not be compatible with modern security solutions, creating potential vulnerabilities.”
He adds that cloud computing can significantly aid companies in addressing cybersecurity risks, with some advantages over traditional on-premise solutions – such as robust data encryption, scalability, disaster recovery, secure remote access, data analytics and collaboration.
As the cybersecurity risk landscape expands rapidly, drinks companies must secure their smart manufacturing systems to prevent the disastrous consequences of a cyberattack.