Categories
Commentary & Insights

8 recent cyber attacks on food production and agriculture

In this post we highlight cyber incidents that caused operational disruptions, beyond data breaches, to food and agriculture sector entities:

  • Federated Co-op Ltd. (Canada)
  • Duvel Moortgat (Belgium)
  • Farmer Vital Bircher (Switzerland)
  • Campbell Soup Co. (United States)
  • Dole Foods (United States)
  • Super Bock Group (Portugal)
  • Schreiber Foods (United States)
  • JBS (United States and Australia)

The attacks discussed in this post all resulted in operational disruptions, in addition to data loss in some cases. The number of cyber attacks that only resulted in data loss is considerably larger, and includes victims such as Banham Poultry, Heineken, Yakult Australia, and Fresh Del Monte Produce.

The food and agriculture sector is diverse, with sub-sectors including:

  • Crop production
  • Livestock farming
  • Dairy production
  • Poultry farming
  • Aquaculture
  • Meat processing
  • Grain milling
  • Food packaging
  • Beverage production
  • Food retailing
  • Distribution and logistics

Cyber attacks on distribution and logistics are covered in a separate post on transport and logistics.

Potential consequences

The consequences of a cyber attack on food and agriculture sector entities have the potential to be devastating to local communities and wider geographic areas. Consequences can include:

  • Operational downtime: Complete or partial shutdown of automated systems, irrigation, and production facilities, crippling productivity for extended periods.
  • Environmental damage: Cyber attacks affecting automated systems for environmental controls, causing pollution, waste, or overuse of resources like water or energy.
  • Compromise of food safety standards: Hackers tampering with equipment settings, altering storage temperatures, or manipulating food testing data, risking consumer health.
  • Animal welfare compromise: Disrupted systems affecting the care, feeding, and shelter of livestock, resulting in illness, death, or suffering.
  • Supply chain disruptions: Interruptions in the flow of raw materials, inputs, and finished goods, causing delays in production, distribution, and product availability on shelves.
  • Financial losses: Revenue losses due to halted operations, damaged reputation, and costs related to system recovery and fines.

Cyber attacks that caused service interruption

Federated Co-op Ltd.

Wholesaling, manufacturing, marketing and administrative co-operative in Western Canada

Date: June 2024
Country: Canada
Consequences: Store inventory shortages and systems taken offline

Federated Co-op Ltd. experienced a cybersecurity incident in June 2024 that impacted its internal and customer-facing systems, leading to inventory shortages of grocery items like bread, frozen goods, fruits, dairy, and fresh produce. The incident caused empty shelves or inventory shortages at some Co-Op stores, and websites and online shopping to be taken offline.

Read more: cbc.ca [1] and cbc.ca [2]

Duvel Moortgat

Major Belgian beer producer

Date: March 2024
Country: Belgium
Consequences: Production halt and data breach

The Stormous ransomware gang attacked Duvel Moortgat Brewery, causing production to halt at all Belgian and US sites. The gang claimed to have stolen 88GB of data and demanded a ransom by 25 March 2024. The brewery’s IT department detected the attack and shut down production lines. The incident disrupted operations for several days.

Read more: therecord.media

Farmer Vital Bircher

Small farmer

Date: November 2023
Country: Switzerland
Consequences: Death of livestock

In November 2023, a ransomware attack on a farm in Switzerland led to the death of a cow and its calf. After the farmer’s systems were breached, it was not possible to monitor the herd’s vitals, leading to the death of a calf and the eventual euthanasian of the mother cow.

Read more: securityaffairs.com

Get notified of new incidents

Enter your email address to receive a notification when new incidents are added to this page

    Campbell Soup Co.

    Processed food producer

    Date: July 2023
    Country: United States
    Consequences: Multi-day plant outage

    A cyber intrusion was discovered in part of the IT network in July 2023. Little other detail was made available, however the plant was offline for three days and employees were temporarily sent home

    Read more: cybersecuritydive.com

    Dole Foods

    Fresh produce giant

    Date: February 2023
    Country: United States
    Consequences: Inability to supply products and data breach

    A ransomware attack in February 2023 resulted in the shutdown of North American operations to contain its spread and the exfiltration of personal information on 3,885 U.S. employees. Hackers accessed employee information including names, addresses, driver’s license numbers, passport numbers, dates of birth, and phone numbers. The shutdown of operations led to grocery shipments being halted and some stores reporting outages of Dole products for several days. The incident cost Dole ~$10.5 million during the first quarter alone following the attack.

    Read more: cybersecuritydive.com

    Super Bock Group

    Beverage company owning Super Bock, Vitalis, Pedras

    Date: January 2023
    Country: Portugal
    Consequences: Impacts to supply chain

    The Super Bock Group experienced a cyber attack that disrupted its computer services. The company reported that the incident caused major restrictions in its supply operations. Further information was limited, other than to confirm contingency plans were activated.

    Read more: theregister.com

    Schreiber Foods

    Milk processing company

    Date: October 2021
    Country: United States
    Consequences: Multi-day processing and distribution centre shutdowns

    Schreiber Foods experienced a ransomware attack that shut down its milk processing plants and distribution centres over a weekend, causing a disruption in the milk supply chain. The attack began on Friday 22 October 2021 and systems started to come back online late on the Monday. The company faced a $2.5 million ransom demand and had to redirect milk transporters. Employees were unable to access company buildings during the incident.

    Read more: zdnet.com

    JBS

    Global meat processing company

    Date: May 2021
    Country: United States and Australia
    Consequences: Multi-day, international operation stoppage, temporary staff lay-offs

    A ransomware attack on JBS, the world’s largest meatpacking company, halted operations at 47 sites in Australia and nine in the USA for five days. The shutdown threatened meat supply chains, with temporary staff lay-offs at some plants and reports from farmers that their shipments of livestock were cancelled. The attack, carried out by Russian hacker group REvil, encrypted systems used for quality assurance. JBS Foods paid an $US11 million ($14.2 million) ransom in Bitcoin to resolve the issue.

    Read more: abc.net.au