While food and beverage processors have been scrambling to protect their process control equipment, intellectual property (IP) and IT/OT systems from cybersecurity/ransomware attacks, their efforts may be outpacing the Federal Government, which should be setting an example by having secured its own agencies from cyberattacks.

: Just when IT and OT professionals were feeling a little more comfortable in preventing and tackling ransomware/malware attacks, now they have something new to worry about—and potentially just as insidious—the Log4j vulnerability.

The FDA has reorganized the agency’s information technology (IT), data management and cybersecurity functions into the new Office of Digital Transformation (ODT), which has been realigned to report directly to the FDA commissioner. 

While technological solutions help processors ensure data stays safe, human error is still a potential weakness.

Technology companies are employing AI/ML techniques to deter nefarious actors, but users still need to exercise common sense in defending their industrial control systems.

Cybersecurity may seem only for enterprise systems and critical infrastructure, but at the control system level there are too many gaps in the food and beverage industry.

Once a hacker connects via RDP to any computing system, unless operators take immediate action, the hacker can use this connection to log in at any time in the future, extort money, install ransomware on the computer, and/or sell the connection login/password and other data on the dark web, making an unprotected system available to anyone who wants to purchase the information.