Microsoft Word HenryOkupa2020


Figure 2.1: Cumulative Number of Exposed Records in the US between 2014 and


Download 0.84 Mb.
Pdf ko'rish
bet11/20
Sana14.09.2023
Hajmi0.84 Mb.
#1678285
1   ...   7   8   9   10   11   12   13   14   ...   20
Bog'liq
HenryOkupa2020

Figure 2.1: Cumulative Number of Exposed Records in the US between 2014 and 
2018 (Excluding Government) 
Source: Bloomberg, 2019 
Figure 2.1 includes confidential information harvested from the retail giant, Target, and the 
ag chemical giant, Monsanto. It includes Cambridge Analytica’s harvest of more than 50 
million user profiles from Facebook. Cambridge Analytica’s approach was simple but 
0.00
0.50
1.00
1.50
2.00
2.50
3.00
3.50
4.00
1/1/2014
1/1/2015
1/1/2016
1/1/2017
1/1/2018
E
XPOSED
Records
(B
ILLIONS
)
Cyberattacks


14 
effective. They built a quiz app and used it to collect profile and other data from those 
completing the quiz as well their friends and their friends’ friends who had nothing to do 
with the quiz. This illustrates how competitors may intercept information of commercial 
and competitive value and use them to their advantage in client acquisition and market 
share development (Norton, MacAfee). Examples of how this may be accomplished for 
commercial purposes were seen in the 2016 Presidential elections.
Alteration of formulation can present significant risks exceeding those presented by 
those already presented. Imagine a nefarious organization or individual altering the 
formulation for a pharmaceutical product in ways that cause harm to consumers using such 
products and hijacking the quality assurance process to mask the alterations. Depending on 
the objective of the individual criminal., the impact can be instant, rapid or very slow. The 
slower the impact, the longer it will take the authorities to discover the alteration in the 
product. Such a risk negates the warning the pharmaceutical companies put on their 
consumer-packaged goods – “discard if seal is broken”. The risk occurs in the 
manufacturing process and through the quality assurance activities. The foregoing is 
feasible because of programmable logic controllers (PLC). These are industrial digital 
computers that have been ruggedized and adapted for the control of manufacturing 
processes, such as assembly lines, robotic devices, or any activity that requires high 
reliability control and ease of programming and process fault diagnosis (Wikipedia). 
This example of what can happen in the pharmaceutical industry can happen in 
food manufacturing industries as more of product formulations and production are 
automated through networked systems. Opportunities for cyberattacks, their nature and 


15 
extent, are driven by the objectives of the attacker. However, as suggested by Joshua 
Cooper Ramos in his book Thinking the Unthinkable, failing to explore the different 
combinations of the unthinkable puts the “good guys” in a reaction mode all the time, 
chasing the “bad guys.” It is time for new and novel minds to explore radically dangerous 
scenarios as they build systems to protect the agri-food systems from the potential risks that 
cyber-attackers may use to unleash havoc on the food production, manufacturing and 
distribution system.
Data tampering is simply the changing (including insertions and deletions) of how a 
programming code is expected to behave. In lot of ways, it is biggest of all the cyber-
attack threats. Tampering involves other activities, such as interceptions. The criminal 
intercepts an unprotected packet of instruction that is being transmitted over a network, and 
modifies its contents, or changes its destination address. The intruder can also introduce 
malicious instructions that can cause significant havoc for industries and governments.
Since tampering begins with intrusion and then interception, it is important to think 
backwards and figure out how to prevent intrusions so that malicious tampering scan be 
prevented.
There is a subset of cyberattacks by cyber activist. These are the group that would 
disagree with a company’s product or the method that a company uses to produce a 
product. Individuals or groups of this nature have the tendency to use hacking to attack and 
tannish a company’s reputation, maliciously modify its automated processes, disrupt its 
operations and cause damage. 


16 
These attacks can be perpetrated from and in anywhere in the world. There is 
obviously no requirement for anyone involved in cyberattacks to even set foot in the 
facility that is being attacked. That makes it more frightening. Because of the foregoing, it 
will be proper to say that the agri-food industry has no choice but to guard against potential 
cyber-attacks. Unfortunately, it is not the case as would be expected, surprisingly. Several 
factors could be the reason why this is the situation as of now. They include a lack of 
awareness of the problem, incomplete and inadequate appreciation of the challenges, and 
connectivity loopholes, or inadequate security systems.
Let us begin with lack of awareness. Breaches in the food industries would not be 
noticeable initially, when compared to a machinery or equipment that is not functioning, or 
a flooring or roof in a factory that needs repairs. In most industries including the agri-food 
industry, protection of the computerized system resource wise is not in their priority list. 
They tend to pay more attention to budgets that pertains to productivity and improvement 
of food safety and quality before focusing on cybersecurity, particularly in companies that 
have never been attacked by hackers. This lack of focus towards cybersecurity can result to 
system vulnerability in the agri-food industry. Included in vulnerability of this nature is the 
operating systems that could be corrupted, insecure remote access portals, outdated 
firewalls and even employees that have little or no training whatsoever and not aware of the 
danger of potential risk as it relates to cyber-attacks. 
Another aspect of this lack of appreciation of the challenges is that firms that do 
have defense mechanisms in place against cyber-attacks, tend to often pay more attention 
to their database systems, and overlook the possibility of professional hackers utilizing 


17 
innovative methods and indirect access methods, through third party to bypass the gates 
(entry point) to gain access to company secret data that could be damaging to an agri-food 
firm being attacked. These are systems the concerned firm had assumed to be secure. 
Risk exposure to cyber-attacks also emanate from the assumption that processes of 
protecting and recovering networks, devises and programs from any form of cyber-attacks 
are intact. Cyber-attacks are dangerous to organizations, their consumers, and employees. 
These attacks are designed to access and destroy sensitive data or extort money (Norton). 
They can damage business practices and their reputations.
The connectivity in the agri-food sector includes control over the means of 
information, transportation of physical goods and services as well as intangibles, such as 
computer codes for equipment and facilities. This have become increasingly ubiquitous as 
organizations operate in the Fourth Industrial Revolution O Industry 4.0 (Figure 2.2). In 
this industrial era, which is reputed to have started around the turn of the current century, 
organizations are operating on cyber physical systems. It involves connected systems that 
utilize big data and augmented analytical processes to achieve business objectives.


18 

Download 0.84 Mb.

Do'stlaringiz bilan baham:
1   ...   7   8   9   10   11   12   13   14   ...   20




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling