Cybersecurity at feed mills: Why it matters and what steps to take

21-08-2023 | |
Automation of feed mills has made them a target for cyber-attacks, while the level of cybersecurity varies from feed mill to feed mill. Photo: Canva
Automation of feed mills has made them a target for cyber-attacks, while the level of cybersecurity varies from feed mill to feed mill. Photo: Canva

Cyber-attacks in the agriculture industry have become more common in recent years. Feed mills have also become a target because of more incorporated automation and technology. It’s time to take a serious look at cybersecurity.

It’s hard to know how many attacks are happening around the world because many companies do not make this information public.

In 2021, an attack against international meat processor JBS shook company leaders across the board in the agri-food sector, making most of them pay much more attention to this threat to business continuity than they perhaps had before. Various computer networks at JBS were attacked, temporarily shutting down some of the company’s operations in Australia, Canada and the USA, with 1000’s of workers affected and serious processing backlogs created.

Feeds mills a target for hackers

Feed mills, says Isaac Kinnard, a Network Engineering Manager at CPM Automation, remain a cyberattack target. Especially now, as Dr Adam Fahrenholz of North Carolina State University has recently noted, with today’s mills having incorporated more automation and technology than ever due to tech advancements, labour shortages and the pandemic.

…the mindset now is not if you will be attacked, but what happens when you do

Isaac Kinnard, a Network Engineering Manager at CPM Automation

Cybersecurity at feed mills

Kinnard and Fahrenholz spoke about cybersecurity at feed mills at the US Poultry & Egg Association’s 2023 Feed Mill Management Seminar in Georgia in March. They discussed the importance of cybersecurity for mill control systems, the need to segregate mill systems from the internet and why it’s critical to implement appropriate access controls and otherwise prepare for and recover from a cyber-attack.

Kinnard notes that the level of cybersecurity across the industry is not the same from feed mill to feed mill. “There are some great defences out there, and some that could be improved,” he says.

But even though there is progress to be made in the feed sector with cybersecurity, he sees good news in that industry leaders are taking the threat of cyberattack seriously.

“I would say the mindset now is not if you will be attacked, but what happens when you do,” he explains. “Meaning that in today’s day and age, if you have a network, statistically someone is going to try and attack it. However, if you have good measures in place, being attacked doesn’t mean the attack will be successful.”

Why and how

Most cyberattacks are carried out to make money. Many involve ransomware, a software program that ‘locks out’ access to the victim’s own computer system for operational purposes and/or stored data, with access returned only when a ransom is paid, typically in a digital or otherwise untraceable currency.

While large global businesses such as JBS have much larger amounts of money at their disposal to pay the attackers, making them attractive targets, the cybersecurity of large firms is generally better than that of smaller companies such as feed mils.

So, although less financial reward may result from attacking a feed mill business, it’s also typically less work for attackers to target them, as there may not be adequate protections in place.

“I believe historically feed mills weren’t thought of in terms of security in the same way as business/corporate IT networks,” says Kinnard. “However, a lot has changed in recent years. There have been a few successful ransomware attacks against feed mills that changed a lot of thinking when it comes to feed mill cybersecurity. The biggest challenge is that feed mill networks are not the same as normal business networks. The key is understanding the difference, and implementing appropriate measures.”

Financial motivation aside, malicious parties may also attack feed businesses for other reasons such as a desire to disrupt food supply chains or perhaps animal welfare activism.

Prevention is better than cure

Until recently, many experts have lamented that cybersecurity has been largely a reactive concept. Businesses and institutions have tended to react to cyberattacks instead of actively working to prevent them.

But now that proactivity has become more the norm, what are industry leaders in the feed sector specifically doing with cybersecurity?

“In a nutshell, the best companies have a great understanding of how their mill networks are different than their corporate network, and apply the best practices relevant to an industrial network,” says Kinnard. “My favourite implementations are where the mills have separated their feed mill networks from their corporate domain. Then, they severely limit any traffic in and out of the mill with multiple layers of protection on that traffic.”

In addition, Kinnard says mills should have proper physical security and end-point protection for the devices in the mill. They should top that off with multiple redundancies and backups.

Getting started: Cost-effective solutions

Even though they are well aware of the risks, not all feed mill owners are making the investments in cybersecurity that they should.

“I would say most companies are investing in some sort of capacity,” says Kinnard, “but of course, some are investing more than others. As with most things, price is the biggest limiting factor. Larger companies can invest more than smaller ones, and they should. However, smaller companies can still implement cost-effective solutions.”

In terms of the first steps to take, Kinnard first explains that every network at each mill site is different.

“An assessment must be done to identify the vulnerabilities of hardware, software and the ways they communicate,” he says. “Once you understand your network, you have a much better understanding of how to secure it.”

The assessment should also examine aspects such as where connections to access operational or monitoring data are or are not needed, and whether ‘legacy’ IT systems have been isolated for protection if they are not capable of more advanced security functions.

In addition, everyone working at every feed mill, whether in the office or in the mill itself, needs to follow fundamental security practices in their daily work when creating and storing passwords, working outside the office, and storing and sharing information digitally.

Join 26,000+ subscribers

Subscribe to our newsletter to stay updated about all the need-to-know content in the feed sector, three times a week.
Treena Hein Correspondent