Cyberattacks – what can be done to protect your factory?

As the food and drink sector embraces the latest technology and digitisation within its factories and food processing plants, the number of food and drink businesses (FBOs) that have experienced incidents of cybercrime has increased. The cyberattack at the start of 2022 against KP Snacks, maker of well-known brands such as Hula Hoops, Pom-Bear, McCoy’s, Tyrrells and Butterkist, was probably the most high-profile to date. The company first became aware of an IT outage incident at the end of January and, after an initial internal investigation, warned Nisa customers on 2 February that “we are now able to confirm that we have been victims of a cyberattack and our systems have been compromised by ransomware” and went on to say that the company could not “safely process orders or dispatch goods”.

The modern manufacturing environment is heavily reliant on technology, from cloud-based data storage systems and automated assembly solutions to robotics and artificial intelligence. All of this technology means that many FBOs are exposed to significant risk from cyberattacks. Attacks on FBOs are largely ransomware attacks in which the FBO is blocked from accessing critical information and business systems. Such an attack could leave a company unable to process orders, operate the production lines or manage the logistics of delivery.

How can FBOs protect themselves from a cyberattack?

It is not possible for an FBO to entirely eradicate the risk of a cyberattack.

We recommend that where FBOs have not done so already, they should implement a formal cybercrime prevention strategy and incident management plan as part of the overall risk, compliance and business continuity framework embedded into the business.

This process involves conducting diligence on cybercrime risk for the individual business and ensuring that there is a clear and structured plan of technical and legal responses which will immediately come into operation in the event of a cyberattack, in order to swiftly mitigate the resulting financial, reputational and legal exposure. The plan should address:

  • Technical IT and business systems responses;
  • Assessment of legal data-protection breaches, associated regulatory risk and ICO reporting requirements;
  • Communications protocol, reputation management and guidance for staff;
  • Third party and insurance claims; and
  • Ongoing risk assessment, audit and training protocols.

WM Comment

Walker Morris’ specialist Food and Drink Group consists of a multi-disciplinary team of lawyers immersed in the food and drink industry with the expertise to support clients across the various disciplines required to prepare for and respond to cyberattacks, including working with clients on implementing formal cybercrime prevention and incident management plans to ensure clients are in the best possible position to respond effectively to a cyberattack incident.

Please contact Richard Naish or Nick Lees for a further discussion about cybercrime incident planning and rapid response.