Lactaid, a brand of lactose-free milk, is missing from the shelves of supermarkets like Costco and Publix. The reason: A cyberattack.
HP Hood Dairy, owner of Lactaid, did not disclose specifics, but cyber experts say it was likely a ransomware attack. The attack happened about two weeks ago, and Hood took all of its plants offline “out of an abundance of caution,” wrote Sarah Barrow, a company’s spokesperson, in an email to Quartz Thursday. The plants are now up and running, but some customers can expect a temporary delay in finding Lactaid products in stores.
Hood Dairy is the latest victim in a string of high-profile attacks on food manufacturers in the US, contributing to shortages amid tight supply chains and high prices. In October of 2021, a cyberattack hit plants and distribution centers owned by Schreiber Foods, one of the largest cheese manufacturers in Wisconsin, which closed for five days. That left bagel shop owners in New York City scrambling to find schmear. In the summer of 2021, a cyberattack on JBS, the largest meat producer globally, forced the shutdown of all its US beef plants, which process almost one-fifth of the country’s meat supply.
If they are successful, cyberattacks on large food manufacturers come with significant profits, said Ken Westin, director of security strategy at Cybereason, a cybersecurity company. JBS paid an $11 million ransom in bitcoin to limit the potential impact on restaurants, grocery stores, and farmers, reported the Wall Street Journal.
The attacks on food companies are largely ransomware attacks, in which organizations are blocked from accessing critical information. That could result in companies not being able to direct trucks where to go or process invoices, said Bob Rudis, chief data scientist at Rapid 7, a cybersecurity firm.
Fresh-food manufacturers, which are not tech-savvy, are particularly vulnerable, Rudis said, because if they shut down no revenue comes in and product may spoil quickly. Paying a ransom is “unfortunately what kind of happens in a lot of cases,” he said.
In 2021, ransomware attacks rose 105% from the year before to 623.3 million globally, more than triple the number in 2019, according to SonicWall, an internet cyber security company. The attacks are most prevalent in the US, followed by the UK.
Hackers used to steal basic personal information from credit cards, said Rudis. But that got harder as credit companies grew more sophisticated, adding chips and other security measures. In search of a new business model, hackers discovered that many organizations aren’t up to par on cybersecurity, he said.
The build-up started around 2016 with focus on schools and municipalities and hospitals. A large company like JBS has more the capacity for a large payout, said Rudis. “So really [they are] good entrepreneurs when you think about it,” he said.
There’s concern the attacks could be traced back to Russian hackers aiming to cause disruption to supply chains that could have dire impact on the US economy. “That could be sort of perceived on the Russian side as retribution for the sanctions that are being imposed on their own country,” said Westin. “That’s something we should be very concerned about now.”