The massive ransomware attacks on JBS and the Colonial Pipeline caused major disruptions. The Colonial Pipeline was shut down for five days and many gas stations ran out of fuel. The shutdown also made it difficult for major eastern airports to access fuel for airplanes. The huge pipeline consists of more than 5,500 miles of pipe. It is a giant artery that provides the East Coast with gasoline, diesel fuel, home heating oil and jet fuel for aircraft. It stretches from Houston to Linden, NJ. The pipeline supplies approximately 45% of the fuel for the Eastern Seaboard.
The JBS hack caused all nine of its US beef plants to shut down. In most cases, the plants re-opened within 24 hours. In other countries, JBS plants were closed for several days. In both cases, the ransomware attacks had no effect on the physical equipment. The emphasis now must be on protecting expensive, difficult-to-replace infrastructure. Computers that control this equipment may be vulnerable. Hackers have already infiltrated systems that controlled valves in a city waterworks. A water treatment plant in Florida recently had internet-connected computers with passwords that were seldom changed. This system enabled managers to remotely control the computers that controlled water valves. According to Rich Pedroncelli of the Associated Press, a plant operator saw the cursor arrow moving and clicking on a valve. This valve started to release dangerous amounts of chemicals into the water supply. Fortunately, the operator saw it and stopped it before any damage was done.
For people working in meat plants, the emphasis must be on protecting the physical equipment. Recently, I talked to people at one major meat company and asked them what they were doing to protect their refrigeration system. One operator told me that nobody had thought about it. Managers need to seek the advice of, and listen carefully to, the older mechanics and engineers who work hands-on with equipment that may be vulnerable. Managers should tour the plant and ask many questions. What would happen if the computer opened this valve or closed a valve and caused a pump to run dry? Running a pump dry can ruin it. IT departments can work on the software. My suggestions are methods to protect expensive, difficult-to-replace equipment from hackers’ computer commands. Plant operators should consider the following:
- Are the computerized controls for vital equipment completely isolated from the internet? The answer must be yes.
- Many pieces of equipment can be protected with old-fashioned, non-electronic mechanical controls that will shut them off if they get too hot, spin too fast or build excessive pressure, or if a pump runs dry.
- There is some equipment that should NEVER be controlled by a computer. Some examples would be main spillway gates on a dam or valves that could mix chemicals together and cause an explosion or fire. This equipment should be controlled by a person.
- Confirm that critical equipment is isolated from the internet. I am now traveling again and recently saw a mistake that could let a hacker in. Somebody at a plant bought a computer from a local store and attached it to a piece of equipment. That computer had no safeguards. It was operating totally outside of the company firewall, and it had the ability to find a WiFi connection, which can open the door to a cyberattack.
In this new reality, those people responsible for day-to-day plant operations should ask themselves and their teams: “Could my equipment survive a rogue computer command?”