Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
Food Science and TechnologyVolume 36, Issue 2 p. 46-49 FeaturesFree Access Cybersecurity: threats and solutions First published: 09 June 2022 https://doi.org/10.1002/fsat.3602_11.xAboutSectionsPDF ToolsExport citationAdd to favoritesTrack citation ShareShare Give accessShare full text accessShare full-text accessPlease review our Terms and Conditions of Use and check box below to share full-text version of article.I have read and accept the Wiley Online Library Terms and Conditions of UseShareable LinkUse the link below to share a full-text version of this article with your friends and colleagues. Learn more.Copy URL Share a linkShare onFacebookTwitterLinked InRedditWechat Lucia Capogna, Mariella Barra and Simon Langley, all members of IFST's Food processing SIG, evaluate the current situation in the security field, the impact on the food industry and future challenges. Understanding cybersecurity Cybersecurity is a set of activities and measures taken with the objective to prevent, detect and react to unauthorised access or cyber-attacks, which could lead to an accident, an unsafe situation or performance degradation. Critical infrastructures used in factories, power plants, etc. rely on operational technologies to monitor and manage industrial process assets and manufacturing/industrial equipment to execute automated actions. Operational technology (OT) interfaces with the physical world and includes industrial control systems, which in turn include distributed control systems and supervisory control and data acquisition (SCADA). OT controlled by information technology (IT) is subject to cyber security risks (Figure 1). Using IT to control a physical process also means new risks to safety and environment. For this reason, OT becomes a cyber critical system as an attack on the OT has a direct impact on the physical processes. Figure 1Open in figure viewerPowerPoint Interface between operational and information technology Information technology (IT) security scope is to protect data. Operational technology (OT) security protects the physical process that is operated by IT. Cyber-attack on Ukraine The potential of cyber-attacks to cause widespread disruption is not simply theoretical. A real incident that resulted in power outages for roughly 230,000 consumers in Ukraine for one-six hours was triggered on 23rd December 2015 on the SCADA system of the Ukrainian Power Grid, which resulted in the power grid shutdown; this had been carefully planned for several months. Step 1 In Spring 2015 an employee of Prykarpattya Oblenergo opened the Excel attachment of an email (phishing) and one office laptop was compromised by the BlackEnergy malware. The aim of the malware was to gather intelligence about the infrastructure and networks in order to prepare for future cyber-attacks. Step 2 During summer 2015, the BlackEnergy malware was remotely controlled to collect data and detect vulnerabilities. The malware detected an open connection from an IT system to an OT supervision platform and collected OT component information. Ready to trigger malwares were installed on both the IT and OT systems, seizing control of SCADA. Step 3 Two days before Christmas 2015, the hacker took control of the human-machine-interface and switched off the grid's switchgears, wiping out many disks (using KillDisk, a malware that can be used to erase every file of data on a hard drive) and overriding the Ethernet-to-serial gateway firmware with random code, to prevent the power from being switched on again after the attack was performed. The operators were not trained to respond to the attack or to understand how to limit its consequences. The example above is clear evidence that cybersecurity includes more than technology! To ensure the security of the control systems, cybersecurity requires a three-pillars approach that combines technology, people and processes (Figure 2). Figure 2Open in figure viewerPowerPoint Three pillars approach to cybersecurity Impact on the food industry Systems used in the food industry are becoming more and more sophisticated and new technology is continuously being introduced to increase the automation of work processes. Whereas in the past OT elements were not connected, today it is very difficult to find any that are not. Software, IT solutions, connections and digital technologies have become very common, providing more flexibility, and have contributed to reducing the cost of managing industrial processes and the manufacture of products. The price for the evolution of these systems is the introduction of new vulnerabilities that could be exploited to compromise the confidentiality, integrity and availability of the data (Figure 3), with consequences for the safety of the system, its availability and its impact on wider business issues1. Figure 3Open in figure viewerPowerPoint Vulnerabilities in data Hence, a security breach in the food industry can badly impact the availability, integrity (safety and business) and confidentiality of the data used throughout the production process. A non-exhaustive list of areas that could be impacted by a cyber-attack are listed below: Business and cash flow: the business can be affected by major reputational damage and the cash transactions can be strongly reduced/affected. Denial of services that could also make the business unable to operate and sell goods as usual. Sales and operation planning: cyber-attacks can adversely affect the availability of the data (or even its integrity) causing delays in planning activities that could affect the sales and the operations of the business. In a few cases this could even affect the full supply chain up to the consumers (lack of visibility of the info). Health and Safety: cyber-attacks can impact the integrity of the data used in the food production process. If the data is linked to a critical operation this can adversely affect the final product with possible consequences for the safety of the final consumer or the people operating in the food factory. Recipe management: the confidentiality of the data and specifically the confidentiality of the recipes used can be compromised if a security breach causes leakage of information and data are stolen. Cyber-criminal actors are targeting food businesses and the number of cyber-attacks is increasing. Recent examples of food industry cyber-attacks JBS At the end of May 2021, a major ransomware attack was successfully performed on the world's largest meat processor, JBS. The attack and the consequent disruption (JBS was forced to temporarily stop production in the US, Australia and Canada) threatened food supplies and caused potentially higher food prices for consumers. RANSOMWARE Ransomware is a type of malware from cryptovirology designed to encrypt files on a device, denying a user or organisation access to them. Dozens of ransomware variants exist, each with its own unique characteristics, e.g. Ryuk, REvil (Sodinokibi), Maze, Wannacry, etc JBS has paid the equivalent of $11m (£7.8m) in ransom to put an end to the ransomware cyber-attack. The company declared that it was necessary to pay to protect customers. Tesco In October 2021, Tesco's website was hit by a cyber-attack leaving end-customers unable to access online services for nearly two days. The attack caused a ‘Denial of Service’ and economic damages as customers placed their online orders with Tesco's competitors. Tesco did not disclose the type of attack received and declared: ‘There is no reason to believe that this issue impacts customer data and we continue to take ongoing action to make sure all data stays safe.’ Managing security risks In 2017, the British Standards Institution, sponsored by the Department for Environment Food and Rural Affairs and the Food Standards Agency, published PAS 96. The aim of PAS 96 is to assure the authenticity and safety of food by minimising the chance of an attack and mitigating the consequences of a successful attack. It describes threat assessment critical control points (TACCP), a risk management methodology, which aligns with hazard analysis critical control point (HACCP) but has a different focus. HACCP typically focuses on accidental contamination of food, whereas TACCP is more concerned with deliberate attacks. TACCP is the systematic management of risk through the evaluation of threats, identification of vulnerabilities and implementation of controls to materials and products, purchasing, processes, premises, people, distribution networks and business systems by a knowledgeable and trusted team with the authority to implement changes to procedures2. Industry 4.0 has taken the manufacturer and the food industry into a new phase where the production process is heavily focused on interconnectivity, automation, machine learning and real-time data. Systems so sophisticated can be subject to cyber-attack that can cause harm or serious damage. Food businesses strongly rely on risk assessments and structured processes. However, cybersecurity risks and the possible consequences on integrity, confidentiality and authenticity may not always be fully considered when building the processes or when risk assessments are performed. Big companies that have invested in IT security are likely to have already extended cyber-security risk evaluation to the OT security aspects. Small and Medium Enterprises (SMEs) are probably still trying to catch up with this aspect. When placing an order for new equipment, health and safety requirements are considered and addressed. What about cybersecurity requirements? What if… you bought a new piece of equipment that can be controlled remotely and you have no details on how the security of communication is guaranteed? Is the person/department buying the new equipment aware of possible cybersecurity issues and are they discussed in the contract? What if… a cyber-attack is successful? Could you prevent it? If not, could you mitigate the impact of the attack and/or recover from it minimising the damages? What if… a security risk assessment has been performed and you have not cascaded the mitigations properly? i.e. is there a procedure? Who is responsible for training the personnel in security risk management? The above questions highlight the need to consider the security issues in risk assessment and the necessity of raising awareness around the whole security problem. People are the most fundamental asset and they are essential to security; as such a business should ensure training to raise awareness to reduce the security risks and respond correctly to issues. Cybersecurity is a continuous process and it is important to have in place organisational methods, such as security monitoring and procedures, to respond to incidents and recover from them. Cybersecurity requires a combination of countermeasures that contribute to the security of the OT. A risk assessment should be performed considering security aspects and the possible consequence of a security breach for the continuity of the operations, the safety of the end-user/consumer and for the business. The first step to address security is to plan strategically the activities to be undertaken throughout the full product lifecycle. Understanding the assets and their vulnerabilities and performing a dedicated risk assessment is another fundamental step in the process of managing security risks. A security risk matrix should be in place considering both the likelihood and the severity of a cyber-attack. EU security Directive The EU Directive on security of network and information systems (NIS Directive) is the first piece of EU-wide cybersecurity legislation and was adopted in 2016 to increase security across the EU. Its implementation in the UK is led by Department for Culture, Media & Sport (DCMS), and it was transposed into UK law in May 2018. The main scope of the NIS Directive is to ensure that organisations within vital sectors, identified as operators of essential services (OES), should take appropriate and proportionate security measures to manage risks to their networks and information systems. The main objectives of the NIS directive are: Appropriate security risk management, Detection of security events, Protection from cyber-attacks, Mitigation of the security incident impact. The 2016 NIS Directive, which mandates providers of critical infrastructure and other services to comply with a range of cyber security requirements, is due to be replaced with a revised ‘Directive on security of network and information systems’ (NIS2). NIS2 aims to extend the security requirements to new sectors, including postal and courier services, waste management, food and manufacturing of certain critical products, such as pharmaceuticals. NIS2 also aims to address cybersecurity risks in supply chains and supplier relationships. It should be noted that the NIS2 is a European Directive that is cascaded down to all Member States. Each Member State needs to incorporate it into law before the end of 2024. It is not yet clear whether the UK will adopt NIS2 on a voluntary basis. Security of data needs to be approached in a structured and systematic way, performing security risk assessment and managing the security risks considering the technology as well as the processes and people involved in cyber-security solutions. Conclusions We have seen how the UK food industry can be impacted by cyber-attacks that influence organisations, end users, but also the food supply chain. Security of data needs to be approached in a structured and systematic way, performing security risk assessment and managing the security risks considering the technology as well as the processes and people involved in cybersecurity solutions. The food industry could be mandated to manage security, perform security risk assessment and put in place policies and procedures to respond to the NIS2 if this is adopted in UK law. The food industry, from big corporates to SMEs, agricultural producers and farmers, will benefit from improved management of cybersecurity. We must keep asking: what if? Lucia Capogna MIET, Software and Cyber Security expert Lucia has more than 15 years’ experience in various industries, including Oil&Gas, Renewable energy, Defence and Railway. She represents the UK in several European and International Standardisation groups for both Safety Software and Cyber Security. email lucia.capogna@gmail.com Mariella Barra CSci FIFST Mariella has been working in the food industry for over 12 years, mostly in product and process development roles. She is passionate about bringing more process expertise to R&D to bridge the disconnect between OPS and R&D. Her current interests are new process technologies and thermal process preservation. email mariella.barra84@gmail.com Simon Langley MIFST, Process Development Manager at Dalehead Foods (Pilgrim's Pride Ltd) Simon has extensive cooked meat processing experience within the group. Interests lie in: preservation, thermal processing, and process and recipe improvement. email simon.langley@dalehead.co.uk The IFST Food Processing SIG (Special Interest Group) brings together members who work in different sectors within the food system, united by their common interest in processing; it includes members from both industry and academia. The SIG aims to look at what is ‘between the bench and the shelf’ and to focus on every aspect of food processing. Its scope covers all areas related to processing, including but not limited to manufacturing operations, continuous improvement, process design and instrumentation. This article was inspired by a technical discussion initiated by the SIG on cybersecurity and how it can impact food businesses. We thank Denis Treacy and Craig Leadley for the useful discussion. References 1 IT Governance. ISO 27000 series of standards. Available from: https://www.itgovernance.co.uk/iso27000-familyGoogle Scholar 2 BSI Standards. 2017. PAS 96:2017 guide to protecting and defending food and drink from deliberate attack. The British Standards Institution Google Scholar Volume36, Issue2June 2022Pages 46-49 FiguresReferencesRelatedInformation
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.001 | 0.000 |
| Meta-epidemiology (narrow) | 0.000 | 0.000 |
| Meta-epidemiology (broad) | 0.000 | 0.000 |
| Bibliometrics | 0.000 | 0.002 |
| Science and technology studies | 0.002 | 0.001 |
| Scholarly communication | 0.000 | 0.000 |
| Open science | 0.000 | 0.001 |
| Research integrity | 0.000 | 0.000 |
| Insufficient payload (model declined to judge) | 0.000 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it