Feature

Modern supply chains open up cyber weak spots

The investment in digital tech and the quest for efficiencies in production and distribution can present opportunities for hackers, Simon Creasey reports.

What do Arizona Beverages, Coca-Cola FEMSA, Molson Coors and Damm have in common? All of these drinks companies have been the subject of cyberattacks in recent years, which have caused varying degrees of business disruption. 

Some, like Arizona Beverages, were hit by ransomware attacks, which wiped hundreds of the company’s computers and servers and effectively shut down the business’s sales operations for a number of days, according to media reports. Others – like Molson Coors and Damm – were forced to halt production due to unspecified cybersecurity incidents.

These incidents are by no means isolated examples. They’re the ones that became public knowledge. According to data produced by cybersecurity business Armis, in 2023 cyberattack events increased by 104% globally and manufacturing was one of the most at-risk industries, with attacks rising 165% (the company doesn’t track specific figures relating to drinks manufacturers). 

In addition to the volume of attacks against manufacturers increasing, experts say cybercriminals are getting more sophisticated in the way they conduct attacks. Rather than targeting the manufacturers directly, they say, hackers will look for weak points in the company’s supply chain.

The perils of digitalisation

One of the main reasons drinks manufacturers have found themselves targeted by cybercriminals is that many of them have undertaken digital transformation programmes.

The implementation of more automation and smart technologies across their production processes and their supply chains has in turn created new opportunities for cybercriminals, says Kristin Demoranville, CEO at cybersecurity consultancy AnzenSage. 

“These days, systems aren’t just physical anymore; they’re cyber-physical with internet capabilities,” she explains. “You can push a button or pull a lever but you can do the same with your smart device. Cybersecurity isn’t just about the digital space; it’s also about protecting the physical security of these environments.” 

Demoranville says the attack on Molson Coors, which took place in March 2021, highlights “how interconnected our systems are and why drinks companies need robust cybersecurity measures to handle both digital and physical threats”.

In addition to the higher levels of automation, drinks manufacturers are considered part of critical national infrastructure, which makes them increasingly attractive targets for nation-state attackers as well as cybercriminals. 

“We’ve seen this during the war in Ukraine, where cyberattacks targeted various sectors, including food and beverage, to disrupt supply chains and create instability,” says Demoranville. “Food safety also comes into play; if attackers can compromise the integrity of beverages, it can have profound public health implications.” 

Manufacturing and distribution pinchpoints

The sector’s heavy reliance on just-in-time manufacturing and distribution is another potential hindrance and vulnerability, according to Demoranville.

“They [drinks manufacturers] don’t keep extensive inventories on hand; they get materials as needed. While this is efficient, it also makes them extremely sensitive to disruptions. Cybercriminals know that a successful attack can halt production, leading to significant financial losses, which creates a strong incentive for companies to pay ransom quickly.” 

Carlos Buenano, CTO of operational technology at Armis, agrees. “They [drinks companies] often run [production] 24/7, with potentially catastrophic effects if the production chain is disrupted. Additionally, these companies have a complex supply chain, making them susceptible to supply chain attacks.” 

According to cybersecurity experts, the supply chain is a major and growing area of vulnerability for drinks manufacturers with many companies relying on a broad network of suppliers and logistics providers. It only takes one of those suppliers to have weak cybersecurity protocols in place and it can jeopardise the whole supply chain, cautions Demoranville. 

“In logistics, we’re leaning heavily on digital systems nowadays,” she continues. “IoT devices and automated inventory systems make things efficient but also open up new vulnerabilities. If these aren’t properly secured, a cyberattack could throw a wrench in the whole operation, causing major disruptions. Distribution networks are another critical area. They’re all about interconnected systems for tracking and delivery. If there’s a weak spot anywhere, it can mess up the entire flow of goods to market, leading to financial hits and hurting the company’s reputation.” 

The problem is that the larger the supply chain, the greater the chance of weaknesses occurring. These weaknesses can be multiple and varied, says Rich Jackson, strategic business manager at Moore ClearComm, the cyber and data protection division of accountancy firm Moore Kingston Smith.

“Common weaknesses include the use of unsupported, unpatched, and poorly configured systems, software and IoT devices, along with a dependency on third parties that lack robust cybersecurity practices which exacerbates the risks,” he explains. 

It is therefore vital manufacturers secure their supply chains and ensure suppliers adhere to strict cybersecurity standards and conduct regular audits.   

“A simple first step could be implementing a cybersecurity checklist for suppliers to ensure they meet your security requirements before continuing business,” says Demoranville.

Be more proactive

To understand the risks they face, manufacturers also need to have full visibility across their entire network.  

“Network segmentation should be put in place to restrict unnecessary connectivity and the movement of malware in order to mitigate the impact of cyberattacks,” advises Andrew Lintell, general manager in the EMEA region at industrial cybersecurity company Claroty. “The situation is also exacerbated with some food and drink organisations not having effective vulnerability management strategies in place. A quarter of food and beverage organisations admitted that they only assess security flaws reactively or not at all. It’s no good trying to fix an IoT device’s vulnerabilities once they have already been exploited by cyber criminals and it is even worse if there’s no attempt at all.”

To minimise the future risk of cyberattacks, Trevor Dearing, director of critical infrastructure at US data and cloud-computing security company Illumio, says drinks manufacturers must adopt a “break glass” style response time to incidents, with extra protection given to critical systems so that attacks can be stopped before they impact business operations.

“The most effective way to implement this is through ‘zero trust’ – a security model that works on the principle of least-privilege access,” says Dearing. “IT teams can control how systems communicate, meaning an attack can be contained and production secured. Also, by having tight controls around access, it makes it harder for criminals to infiltrate and spread inside the network.” 

By taking a more proactive stance to risk management, drinks manufacturers can stay ahead of emerging threats and safeguard their critical assets to minimise disruption and downtime. 

“Every asset – from sensors to security cameras – must be discovered and identified, threats, vulnerabilities and risks must be protected, and findings must be effectively managed,” says Armis’s Buenano. 

Manufacturers also need to realise that, when it comes to making sure their supply chains can withstand even the most sophisticated of attacks, it is not just about the technology they use.  

“It’s about people, processes and having robust plans and agreements in place to manage all these risks,” says Demoranville. “By integrating cybersecurity into the existing food safety culture and taking these practical steps, drinks companies can strengthen their defence against potential threats.” 

As data from the likes of Armis shows, it is clear that drinks manufacturers need to take the threat of cybercrime seriously. 

Just last month, California-based Crimson Wine Group was the victim of a cyberattack by the ransomware group Abyss. The attack resulted in a significant data breach, with approximately one terabyte of sensitive information being compromised.  

The company’s operations were disrupted by the breach, as it was forced to shut down certain systems and isolate its functions from the internet. 

It is the continuation of a worrying trend, with industrial cybersecurity company Dragos tracking seven ransomware incidents relating to food and beverage companies in the first quarter of this year.

As these numbers highlight, the cybersecurity threat faced by drinks manufacturers is unlikely to go away any time soon.
