Government security services are working to ensure the food and drink industry is resistant to cybercrime and food safety is not put at risk, following last weekend’s ransomware attack on hundreds of thousands of computers around the globe.
GCHQ’s National Cyber Security Centre has passed advice to Defra and business organisations, including the BRC and Institute of Directors, to filter down to suppliers and retailers.
There had been no more known sustained occurrences in the UK of the WannaCry software that hit the NHS, said an NCSC spokesman, but compromises of machines and networks may have occurred and not yet been detected. “In the days ahead, the NCSC, working closely with the National Crime Agency, will continue our round-the-clock effort to get ahead of this threat.”
With latest ONS figures showing cyber and fraud offences make up almost half of crime in England and Wales, food and drink businesses were in real danger of falling victim to online extortion and robbery, warned Eoghan Daly, counter-fraud manager at professional services firm Crowe Clark Whitehill. In extreme circumstances, hacking automated machinery could lead to dangerously unsafe products entering the retail chain, he added. “It’s an emerging risk.”
However, the vast majority of such assaults were easily and affordably defended against through advice in the government’s 10 Steps to Cyber Security web document, said Daly. “Ninety per cent of cyberattacks happen with really low-grade technology.”
Martin Forsythe, head of technical at the British Frozen Food Federation, said there were numerous examples of “low-level scams and hacking attempts on an almost daily basis”.
“The food and drink sector is definitely at risk, he added.”