Politico says security analysts from the University of Minnesota warned the US Agriculture Department in late May about a cyber crime known as ransomware. They said it could wreak more havoc on Americans’ food sources than Covid-19 did.
A week and a half later, the prediction became reality as a ransomware attack forced the shutdown of meat plants that process more than a fifth of the nation’s beef supply in the latest demonstration of hackers’ ability to interrupt a critical piece of the US economy.
The hack of the global meatpacking giant JBS last weekend is the starkest example yet of the food system’s vulnerability to digital threats, especially as internet technology and automation gain an increasing role across farmlands and slaughterhouses. But federal oversight of the industry’s cybersecurity practices remains light, despite years of warnings that an attack could bring consequences ranging from higher grocery prices to contaminated food.
Virtually no mandatory cybersecurity rules govern the millions of food and agriculture businesses that account for about a fifth of the US economy — just voluntary guidelines exist. The two federal agencies overseeing the sector include the USDA, which has faced criticism from Congress for how it secures its own data. And unlike other industries that have formed information-sharing collectives to coordinate their responses to potential cyber threats, the food industry disbanded its group 2008.
Now, food producers need to face the fact that disruptive cyberattacks are part of what Agriculture Secretary Tom Vilsack calls their “new reality.”