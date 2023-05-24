

Below: The White House taps an Air Force general to lead U.S. Cyber Command and the National Security Agency, and crypto is being used to finance fentanyl ingredients. First:

First in The Cybersecurity 202: The Food and Agriculture Information Sharing and Analysis Center debuts

For years, the food and agriculture industry has been a rarity among critical infrastructure sectors: It has had no formal, stand-alone mechanism for sharing cyberthreat information between companies, known as an information sharing and analysis center.

Today, that changes with the formation of the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC).

Cyber experts have repeatedly cited the sector’s lack of its own ISAC as a dangerous security gap that limits the industry’s ability to get a full picture of the tremendous risks it faces. Backers of the ISAC, which include major industry players from PepsiCo to Tyson Foods, expect it to fortify the defenses of its members.

“This has the ability to further strengthen a very robust industry as it is today,” Paul Hershberger of Cargill, a founding board member of the ISAC, told me. “To be able to continue to drive the focus on what is good cybersecurity hygiene will benefit participants in the industry across the board.”

The threat

The most prominent attack on the food sector to date was the 2021 ransomware infection of networks at JBS, the world’s largest meat processing company. The attack shut down plants, drove up beef prices and prompted the Food and Drug Administration to encourage other companies to increase production in response to a predicted shortfall. (The company ultimately paid an $11 million ransom to the hackers.)

But experts fear attacks could do more harm than that. Cyber incidents could lead to tainted food and the injury or death of plant workers, the University of Minnesota’s Food Protection and Defense Institute told regulators the same year of the JBS attack.

“Fast-spreading ransomware attacks could simultaneously block operations at many more plants than were affected by the [covid-19] pandemic,” the institute said.

Just this month, food distribution giant Sysco told employees that hackers made off with sensitive data about its business, customers and workers. Dole suffered its own cyberattack this year that shut down North American production.

The organization

The Food and Ag-ISAC is the evolution of a food-focused information-sharing subgroup within the information technology ISAC (IT-ISAC). That group has filled the void, to a degree, since the shutdown of a prior food ISAC that started in 2002 and shuttered in 2008 due to a lack of use.

Companies and trade associations that the IT-ISAC had been working with have been discussing for the last couple years the idea of breaking out the food subgroup into its own ISAC, Scott Algeier, executive director of both the IT-ISAC and the Food and Ag-ISAC, told me.

The Food and Ag-ISAC can build on what the IT-ISAC food subgroup has developed, he said. What’s gained in formalizing an ISAC, Algeier said, is a higher profile and clarity; no longer is the group just part of another organization. That in turn brings more opportunities for sponsorships and “enhanced funding for initiatives specific to the food and agriculture industry,” he said.

The new ISAC will have its own, separate board of directors from the IT-ISAC. That board will determine who becomes a member, but will draw from the entire farm-to-table supply chain, such as companies that produce and store food or provide financial services to the industry, Algeier said.

In addition to Cargill, PepsiCo and Tyson Foods, the other founding board members are Bunge Limited, Conagra Brands and Corteva Agriscience. (JBS is not a part of the ISAC at the outset, and the ISAC has not had discussions with the company yet, Algeier said.)

“Industry-specific cyberthreat intelligence better positions organizations to take decisive action to protect company infrastructures and data,” Mark Freed, cybersecurity senior adviser at Corteva Agriscience, told me via email.

Rep. August Pfluger (R-Tex.), who has introduced food and agriculture cybersecurity legislation that would require a federal study on the value of creating a food ISAC, applauded the creation of the new organization. “Food security is national security, and cyber threats present one of the greatest risks to America’s supply chain,” he said in a statement.

The foundation laid with the IT-ISAC subgroup helps ensure the separate ISAC won’t encounter the same pitfalls as the earlier, failed ISAC, Algeier said. Also helping it avoid those pitfalls are a growing interest in threat information sharing and the backing of big industry players, he said.

“There’s a lot of momentum from industry driving us, and I’m confident that we’ll be able to sustain momentum and continue to grow,” Algeier said.

The keys

Biden taps Lt. Gen. Timothy Haugh to lead NSA, Cyber Command

President Biden is nominating Lt. Gen. Timothy Haugh to lead the National Security Agency (NSA) and U.S. Cyber Command (Cybercom), Lara Seligman and Maggie Miller report for Politico, citing an Air Force notice obtained by the outlet.

If confirmed to the dual post, Haugh would replace Gen. Paul Nakasone, who has led both NSA and Cybercom since 2018 and is slated to retire sometime this year. He was asked to stay on after his four-year term ended and has drawn praise from both Republicans and Democrats.

“Haugh, who had been generally expected to get the nod, has been involved in the Pentagon’s cyber efforts for years. He previously led the Sixteenth Air Force, or Air Force Cyber, and also served in stints as the director of Cyber Command’s Cyber National Mission Force and as the agency’s director of intelligence,” Seligman and Miller write.

The nominee could face pushback from Sen. Tommy Tuberville (R-Ala.), who has placed holds on some Defense Department nominations to protest the agency’s abortion travel policy, the report notes. A Tuberville spokesperson confirmed to Politico that the holds would include Haugh’s nomination.

U.S., South Korea to sanction ‘illicit’ North Korean IT workforce

The United States and South Korea announced sanctions against “illicit” North Korean IT workers operating out of China and Russia for allegedly funding weapons of mass destruction (WMD) and missile programs, Christopher Bing and Doina Chiacu report for Reuters.

They write: “One individual, Kim Sang Man, and the North Korea-based Chinyong Information Technology Cooperation Company were sanctioned jointly by the United States and South Korea in relation to their IT worker activities, U.S. Treasury Department said.”

North Korea’s worldwide operation of IT workers generates revenue that finances the unlawful missile and WMD programs, according to the Treasury Department.

The workers had secretly taken jobs in various industries including business, health, social networking, entertainment and sports, the agency said.

This is not the first time the Treasury Department has gone after North Korea for thefts that tie back to its regime. White House cyber official Anne Neuberger recently said that about half of North Korea’s nuclear missile program is funded by cyberattacks and cryptocurrency theft.

Read more about North Korea-linked hackers’ practice of pilfering cryptocurrency for its regime and missile program in this Cybersecurity 202 from March.

Chinese labs accepting crypto payments in exchange for fentanyl ingredients, report finds

Chinese chemical producers are accepting cryptocurrency payments for fentanyl ingredients that are being distributed to drug production operations around the world, Andy Greenberg reports for WIRED, citing findings from crypto trading firm Elliptic.

“Researchers at Elliptic found more than 90 Chinese chemical companies that sold fentanyl ‘precursor’ chemicals and advertised their products on the open web, fully 90 percent of which offered to accept payment in cryptocurrencies like Bitcoin and Tether,” Greenberg writes.

The analyzed cryptocurrency addresses are estimated to have received over $27 million in sales. That’s likely just a fraction of the entire crypto-linked fentanyl supply chain, the research said.

“The number of crypto transactions is significant, and you only need a small amount of these materials to produce fentanyl and other narcotics in quantities that both have an extremely high street value and could potentially lead to huge numbers of overdoses,” Elliptic co-founder Tom Robinson told WIRED.

A bill introduced in Congress this week aims to target international fentanyl trafficking online. The United States has previously sanctioned fentanyl ingredient suppliers in China, the WIRED report notes.

Secure log off

Thanks for reading. See you tomorrow.