SAN JOSE, CA - You might recall that earlier this month we shared an update from ZAG Technical Services about some best practices for cybersecurity. As a continuation of Cybersecurity Awareness Month, the industry partner also shared some of the trending schemes and scams that have impacted produce operators as of late.

“The type of attacks are staying relatively the same, the more notable changes are the frequency and cost,” Director of Client Strategy Patrick Day told me. “Ten years ago, the extraction of data and trade secrets was a higher priority. Today, cybercrime is big business driven by money both through ransoms and the sale of private data. In the last year alone, cyberattacks are reported to be up 38 percent.”

Malware, denial of service, phishing, spoofing, and identity- or IoT-focused attacks are common with the growth of the IoT due to our industry’s very connected third-party applications. It is reported that IoT cyber issues will double by 2025, as Patrick revealed. Malware and phishing tend to be the most common and can be some of the easiest to prevent with good cybersecurity programs.

“Cyberattacks are a business, and just like your own business evolves, so does the business of cybercrime. Both cybercrime and cybersecurity are intertwined; for every new attack or entry point created, a solution to stop that entry is being created to keep businesses as secure as possible,” Patrick said.

Today, cybercriminals are using fileless attacks that leave no footprint, and they are upping their engagement of supply chain attacks and using third-party vendors thanks to IoT to gain access to networks and create disruption at peak business times.

“Even the FBI has made it clear that cybercriminals understand the seasonal cadence of harvest and recognize that the start of a cherry harvest in fresh produce or a corn harvest in the grain belt is an ideal time to cause disruption,” Patrick pointed out.

Patrick continued by telling me that all operators should use a cybersecurity professional to conduct a company assessment of risk and develop a process of best practices needs. Using a professional organization with staff that is trained in current developing cybersecurity needs is critical to staying secure and managing your company infrastructure against threats.

“If there was one thing operators did today to protect their business, it would be multi-factor authentication (MFA), as it is one of the most effective ways of managing some cybersecurity risks. Passwords are no longer enough. If you aren’t currently using MFA, you absolutely should be—it is a fast-growing reality,” Patrick concluded.

As we continue to monitor the evolution of cybersecurity, keep coming back to ANUK.

ZAG Technical Services