The Livermore Valley Winegrowers Association Cybersecurity Presentation

The Livermore Valley Winegrowers Association Cybersecurity Presentation

The presentation titled "Cyber Threats to Food and Agriculture" will be delivered on November 15th, 2022 by Donald Hester, Cybersecurity Manager at California Commodities. The presentation will focus on the growing risks of cyber threats to the food and agriculture sector, with particular emphasis on California's contribution to the US and global food supply chain. California's agriculture industry provides a significant portion of US vegetables, fruits, nuts, and organic produce, as well as being the world's fourth-leading wine producer.

The presentation will highlight key threat drivers, such as the increasing integration of technology into agricultural practices, including the use of the internet of things (IoT), operational technology, and office operations. IoT devices such as sensors, robotics, GPS, and crop monitoring systems pose a significant cybersecurity risk. Similarly, operational technology such as industrial control systems, planting, irrigation, monitoring, sorting, fermentation, bottling, and packaging systems are also vulnerable to cyber-attacks. Office operations such as data, financial transactions, shipments, marketing, communication, and employee personally identifiable information (PII) are also at risk.

The presentation will also address the supply chain risks posed by cyber threats, including financial loss, operational disruption or delay, and reputational damage. The speaker will also discuss the types of cyber attacks that can target the food and agriculture sector, such as ransomware, data breaches, computer intrusions, malware/scamware, business email compromise, and supply chain attacks.

The presentation will highlight the critical infrastructure of the food and agriculture sector and its dependencies on other sectors such as water and wastewater systems, transportation systems, energy, and chemicals. The speaker will also provide a case study of the JBS Foods ransomware attack in May 2021, which stopped operations at 13 meat processing plants and resulted in a ransom payment of $11 million.

Overall, the presentation will provide valuable insights into the growing cyber threats to the food and agriculture sector and the importance of cybersecurity measures to protect critical infrastructure and supply chain operations.

Outline

Cyber Threats to Food and Agriculture

15 NOV 2022

Presented by Donald Hester, Cybersecurity Manager

California Commodities

California Provides:

• 1/3 of the United States vegetables

• 2/3 of the United States fruits and nuts

• 36% of US organic production

• 20.8 Billion in agricultures exports (2020)

Wine Specifically:

• 81% of all U.S. wine

• World’s 4th leading wine producer

• $57.6 billion in state economic impact

• 325,000 jobs in California

• $17.2 billion in state wages

Sources: U.S. Tax and Trade Bureau; BW166; The Gomberg, Fredrikson Report; Global

Trade Information Services; and California Dept. of Food & Agriculture; Cal-CSIC.

Key Threat Drivers

• Vintners, Ranchers and Farmers integrate technology into their practices

• Cyber risks increase with the adoption of new technologies

Internet of Things

• Physical devices connected to the internet

• Sensors

• Robotics (UAV)

• GPS

• Monitors (Crop Monitoring)

Operational Technology

Process Automation

• Industrial control systems (connected)

• Planting, Irrigation, Monitoring

• Sorting

• Fermentation

• Bottling and Packaging

Office Operations

• Data

• Financial

– Invoice, Payments, Banking

• Shipments

• Marketing

• Communication

• Employee Personally Identifiable Information (PII)

Supply Chain Risks

• Financial loss

– Colonial Pipeline incident increase fuel and shipping costs

• Disruption or Delay on operations

• Reputational damage

– A vendors incident reflects on the organization

The Bad Guys

• Cyber Criminals

– Financial motivated

– Ransomware & Extortion

• Nation States

– Economic advantage

– Disruption & destruction

– Intellectual property

• Hacktivists

– Agenda based

JBS Foods Ransomware Attack

• May 30, 2021

• REvil Ransomware Attack

• Stop operations at 13 meat processing plans

• Russian Based

• White House contacted Russia

• Paid $11M in ransom

• Some suspects were arrested

Types of Attacks on Food and Agriculture

• Ransomware

• Data Breach

• Computer Intrusion

• Malware/Scamware

• Business Email

• Compromise

• Supply Chain

Critical Infrastructure Food and Agriculture Sector

Dependencies particularly with the following sectors:

• Water and Wastewater Systems

• Transportation Systems

• Energy

• Chemical