There is no shortage of risks in the global environment these days. The Barcelona Centre for International Affairs (CIDOB), an independent think tank, has documented the top issues that it believes will shape the international agenda in 2018. One of these issues concerns connectivity and the world order. This connectivity includes control over the means of transporting goods and information, which is a strategic priority for many nations. However, the potential for crisis related to this control appears to be increasing. One of the contributing factors to this crisis, according to the CIDOB, is digital vulnerability. With the tensions mounting between many countries including the U.S., Russia, China, and the Korean Peninsula, this vulnerability could translate into real incidents of cyberterrorism.
Get Paid For Your Thoughts!
- Wiley (Food Quality & Safety’s publisher) is offering $200 to qualified food scientists who participate in research interviews about challenges facing the food industry.
Take the survey >
Perhaps it is beneficial to start with an understanding of cyberterrorism. As stated by the U.S. Federal Bureau of Investigation, cyberterrorism is any “premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against non-combatant targets by sub-national groups or clandestine agents.” Similarly, according to the Cambridge Dictionary, cyberterrorism constitutes “the use of the Internet to damage or destroy computer systems for political or other reasons.”
Of course, cyberterrorism can involve any information system in any industry and it might be argued that a greater crisis would result from sabotaging highly sensitive information systems, such as those used for air traffic control. So what would inspire cyberterrorists to focus on the systems that are part of the food chain?
As it turns out, these systems are actually very attractive targets for a cyberterrorist attack. An attack of this nature could certainly be far-reaching—the food chain is an entity that unites the world population and touches everyone in some way. The National Cybersecurity Institute at Excelsior College, a center dedicated to the challenges in cybersecurity policy, technology, and education, states that the “Department of Homeland Security [in the U.S.] has labeled the Food and Agriculture industry as one of the 16 national critical infrastructures.”
According to the World Health Organization, 420,000 people die every year from food-related illnesses and the Food and Agriculture Organization of the United Nations says that more than 1.3 billion tons of food is wasted due to spoilage. An act of cyberterrorism in the food industry (also known as agroterrorism) could increase these numbers exponentially. There are a number of different avenues that agroterrorism could take:
- Disruption of delivery;
- Alteration of formulations;
- Interception of confidential information; and
- Threat of tampering.
How could these avenues unfold? Let’s discuss each one in some detail.
Disruption of delivery would affect the transportation system that moves goods from place to place, potentially cutting off vital supplies to vulnerable communities.
Alteration of formulations could occur at a food manufacturing facility through the takeover of important pieces of equipment. These days, nearly every step of the food supply chain involves a smart device or sensor that connects to a centralized control system. These devices are known as programmable logic controllers, or PLCs. The programming that makes up a PLC is only as “smart” as the individual who created it. PLCs can’t be relied on to make the distinction between a benevolent programmer and a malevolent individual with the goal of causing harm. PLCs could potentially be accessed remotely with any number of undesirable to disastrous results.
Researchers have already been successful in modeling the takeover of PLCs in a water plant. By using ransomware, they were able to change the monitoring systems, including altering chlorine levels. PLCs can control very significant parts of the manufacturing process. Taking control of PLCs involved in the manufacturing process of a product destined for a highly susceptible population, like infant formula, could result in major changes to the calibrated delivery of the various nutrients that are part of the formulation. The ultimate result is the sickening (or worse) of the youngest segment of the population.