• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » How Mass Consolidation Turned Food, Energy Firms Into Hacking Targets

How Mass Consolidation Turned Food, Energy Firms Into Hacking Targets

hacker
June 4, 2021
Bloomberg

A company that slaughters cattle may seem like an unlikely target for a cyberattack. That is, until you realize that taking out just one company could paralyze burger and steak supplies for all Americans.

That’s the lesson from the recent ransomware attack on one of the biggest U.S. beef producers. Namely, that a fervor for mergers and acquisitions has created single points of failure in some critical industries, making them prime targets for hackers who want to threaten huge disruptions to cash in on the biggest payouts possible.

The attack on JBS SA, which started over the Memorial Day weekend, wiped out production at plants that account for almost a quarter of U.S. beef supplies. That came just weeks after a hack on Colonial Pipeline Co. managed to take out 45% of the East Coast’s fuel supply, driving up gasoline prices and sparking shortages in some parts of the country.

It’s the natural risk that comes from the cheap food and energy bills that Americans have come to rely on. Fierce competition among companies to contain costs and achieve scale sparked a wave of consolidation that has left the vast majority of production in the hands of a few giant commodity producers that now oversee giant bottlenecks of supply. In turn, these companies have become sitting ducks for hacker groups that know any downtime of critical operations can cost millions and have serious economic impacts, making it all the more likely that companies will meet their demands.

Colonial ended up paying a $5 million ransom to regain control over its pipeline. JBS declined to comment on whether the Brazilian company paid a ransom, or on the risks of industry concentration.

“Massive scale, combined with the fact that critical infrastructures are frequently not well defended, make them such a prime target for hackers,” said Amit Yoran, chief executive officer of cybersecurity firm Tenable. “This puts organizations that operate critical infrastructure, which every consumer relies on, in the hot seat to either pay the ransom or deal with the economic fallout.”

Colonial Pipeline

Fuel storage tanks connected to the Colonial Pipeline Co. system. Photo: Bloomberg.

Of course, it’s not just commodity producers. American government agencies, businesses and health facilities have suffered a series of devastating hacks, and President Joe Biden’s infrastructure proposal includes billions of dollars tied to improving cybersecurity. But the companies that are critical to food and energy supplies are both particularly important to everyday consumers and especially vulnerable because their boards tend to be dominated by industry stalwarts rather than executives with technology expertise, and they often don’t have the safeguards in place seen in some other sectors.

“These companies tend to be old school,” said Danny Jenkins, CEO of cybersecurity firm ThreatLocker. “What the bad guys have realized is that if they can go after these guys, they don’t have the security in place, but they have the pockets.”

In the case of the meat industry, there are no U.S. Department of Agriculture cybersecurity regulations or requirements, a U.S. official said.

Meanwhile, JBS, the largest meat producer globally, is flush with cash. Booming protein demand helped the Sao Paulo-based company post its best-ever quarterly profits in the first quarter after generating record cashflow in 2020.

JBS grew to global dominance from its start as a single Brazilian slaughterhouse in 1953. Founder Jose Batista Sobrinho bought the abattoir with money earned from trading cattle in Goias, a rural state in the center-west of Brazil. After expanding in Brazil, often through acquisitions of failing businesses, the company started to grow overseas with major takeovers including U.S. meatpacker Swift & Co. in 2007, beef units of Smithfield Foods Inc. in 2008 and the 2009 purchase of Pilgrim’s Pride Corp., the No. 2 U.S. poultry producer.

The company is now the No. 1 beef producer in the U.S., accounting for 23% of the nation’s maximum capacity compared with rival Tyson Foods Inc.’s 22% share, according to an investor report by Tyson. JBS accounts for roughly a fifth of pork capacity.

The U.S. meat industry is so concentrated that when JBS plants shut down this week, the USDA couldn’t report on some key pricing because there are so few data points that disclosures would likely shed light on how much competitors were making. The consolidation also created major supply disruptions last year when COVID-19 outbreak forced shutdowns at major processing facilities, sparking meat shortages that even ensnared burgers at Wendy’s.

The majority of U.S. beef consolidation took place in the 1980s and 1990s, when companies built far bigger plants than ever before to capitalize on economies of scale. By 2000, a single cattle plant could process 6% of the nation’s output.

There have been concerns over Big Meat’s exposure to attacks during the past couple decades, but they never became a major flashpoint until recently, said James MacDonald, an agriculture economics professor at the University of Maryland. Congress has been examining legislation to address cattle markets and rural lawmakers recently pressed the Justice Department for action on an anti-trust investigation of the beef industry launched last year after the Covid disruptions. The cyberattack on JBS further underscores the risks associated with concentration, MacDonald said.

“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity,” U.S. Senator John Thune of South Dakota, the Senate’s No. 2 ranking Republican leader, said in an emailed statement.

The energy world is similarly at risk.

The Colonial Pipeline alone hauls almost half of all the fuel consumed on the U.S. East Coast. When it shuttered, it only took a few days for gasoline stations and terminals across several states to run dry. Reliance on the conduit system has grown over the years as refineries along the East Coast closed because they couldn’t make money in the face of competition with rivals better positioned to process increasingly abundant shale oil. Also, tougher regulation and fierce opposition from environmental activists made it increasingly costly and more complex for companies to pursue major pipeline projects.

A few other names, including Energy Transfer LP, Enterprise Products Partners and Kinder Morgan Inc., control the bulk of U.S. major fuel pipelines. Williams Cos. alone handles almost a third of all the natural gas Americans use every day for heat, power and cooking, according to information in the company’s website.

“If I just have to hack into one company that owns a lot of assets, I can get to all those assets much more easily than if they’re owned by a bunch of separate little companies,” said David Drescher, co-founder and board member of Mission Secure Inc., which helps oil and gas companies with their cybersecurity.

“I can get a big bang for my buck as a hacker.”

RELATED CONTENT

RELATED VIDEOS

Data Management (Big Data/IoT/Blockchain) Technology Supply Chain Security & Risk Mgmt Chemicals & Energy Food & Beverage
  • Related Articles

    Better Than Amazon? How Bradley Jacobs Turned a $63M Bet Into a $12Bn Transportation Empire

    Vietnam-Linked Hacking Group Targets Toyota, Other Companies

    Hackers Attacking U.S. and European Energy Firms Could Sabotage Power Grids

Bloomberg

FedEx to Cut Management Jobs by More Than 10%, CEO Says

More from this author

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • DOCUMENTS BEARING THE INSIGNIA OF US CUSTOMS AND BORDER PROTECTION LIE ON A TABLE

    New CBP Regs Call for Greater Diligence by Brokers in Reporting Security Breaches

    Freight Forwarding/Customs Brokerage
  • A WORKER IN A WAREHOUSE, SUPERIMPOSED WITH GRAPHICS SHOWING SUPPLY NETWORK

    Enabling Intelligent Visibility With Supply Chain Analytics

    Data Management (Big Data/IoT/Blockchain)
  • A GROUP OF WORKERS RANGED IN AN OFFICE, OF DIVERSE RACE, GENDER, AGE AND PHYSICAL ABILITY

    Podcast | The Supply Chain Workforce of the Future Is Already Here

    HR & Labor Management
  • GSCMS-Promo.png

    Watch: Introducing the Global Supply Chain Marketing Summit

    Education & Professional Development
  • A HAND TURNS A LARGE, LIGHTED DIAL WITH THE WORD RISK ON IT iStock-NicoElNino-1364371014.jpg

    Measuring KPIs and KRIs for Comprehensive Supplier Performance Management

    Technology

Digital Edition

Scb nov 2022 sm

2022 Supply Chain Innovator of the Year

VIEW THE LATEST ISSUE

Case Studies

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

  • Expanding Apparel Brand Scales Seamlessly with E-Commerce Technology

  • How a Global LSP Scaled its Security Program and Won More Business

Visit Our Sponsors

Orderful Yang Ming Alithya
Barcoding Blue Yonder BNSF Logistics
CoEnterprise Data Capture Deposco
E2open GAINSystems Generix
Geodis GEP GreyOrange
Here Honeywell Intelligrated IFM
Infor Inmar Keelvar
Kinaxis Korber Lean Solutions Group 2H
Liberty SBF Locus Robotics Logility
LogistiVIEW Lucas Systems MCA Connect
MPO Nvidia Old Dominion
OpenText ORTEC Overhaul
Parsyl PMMI QIMA
Redwood Logistics Ryder E-commerce by Whiplash Saddle Creek Logistics
Schneider Dedicated Setlog Holding AG Ship4WD
Shipwell Tecsys TGW Systems
Thomson Reuters Tive Trailer Bridge
Vecna Robotics Verity
Verusen
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing