When you think cyberattack, you probably envision hackers breaching the defenses of nuclear plants or crippling power grids. But in October 2021, the quiet hum of dairy farms across America was shattered as Schreiber Foods, a leader in cheese production, fell prey to a cyberattack that would send ripples through the entire dairy supply chain. This attack was not just another headline; it was a stark reminder that the food and agriculture sector is increasingly vulnerable to digital threats. With systems critical for milking cows, assessing milk quality, and managing inventory compromised, the company faced a devastating disruption that would lead to a nationwide shortage of dairy products just in time for the holiday season. As the attack unfolded, it became clear that the implications extended far beyond Schreiber Foods, affecting farmers, cooperatives, and consumers alike, highlighting the urgent need for the industry to bolster its cybersecurity defenses.

• Quantified Impact: The cyberattack on Schreiber Foods disrupted their ability to receive and process raw dairy, leading to widespread shortages of dairy products during the holiday season.

• Impacted Assets:

  • Dairy computer systems were compromised, affecting the milking process, raw milk quality assessment, and inventory management.
  • Critical data was likely corrupted or rendered inaccessible, severely limiting operational capabilities.
  • Systems were locked by ransomware, preventing normal functionality and access to necessary information.

• Organizational Effects:

  • Production disruptions resulted in an inability to fulfill orders for cheese and other dairy products, affecting grocery stores and restaurants nationwide.
  • Customer inquiries could not be handled efficiently due to system downtime, eroding customer trust and satisfaction.
  • Direct financial costs incurred due to the incident included lost revenue from unfulfilled orders and potential penalties from supply chain disruptions, although specific figures remain undisclosed.

The Schreiber Foods cyberattack likely occurred due to vulnerabilities in their critical dairy computer systems, which manage essential operations like milking, quality assessment of raw milk, and inventory management. Many food and agriculture companies, including Schreiber, often use older software and devices that may not receive regular updates or patches, making them attractive targets for cybercriminals.

Ransomware-as-a-Service (RaaS) has made it easier for attackers to exploit such vulnerabilities without needing advanced technical skills. Once inside the system, attackers can encrypt data and disrupt operations, as seen in the Schreiber incident, leading to significant supply chain disruptions.

The interconnected nature of the food supply chain means that a breach in one company can quickly affect others, further exacerbating the impact. The incident serves as a stark reminder of the increasing sophistication of cyber threats in the food industry and highlights the urgent need for enhanced cybersecurity measures to protect against potential attacks.

Upon discovering the cyberattack, Schreiber Foods initiated an immediate response to contain the threat. The company’s IT team quickly identified the presence of malware within their dairy computer systems, which were crucial for managing production and supply chain operations. They implemented a triage system to assess the extent of the damage, isolating affected systems to prevent further spread of the malware.

Critical operations were prioritized, focusing on restoring functionality to the systems responsible for milking cows and managing raw milk quality. The team collaborated with cybersecurity experts to analyze the malware's characteristics, enabling them to develop a targeted response strategy. This included enhancing their network security protocols and beginning recovery processes to restore disrupted services. Throughout this period, they maintained communication with stakeholders to manage expectations and mitigate the impact on the supply chain.