Lessons in Cybersecurity: Honey Bees and Supply Chain Attacks
According to the American Beekeeping Federation, “approximately one third of all the food Americans eat is directly or indirectly derived from honey bee pollination.” Ten years ago, there were stories of honey bees mysteriously vanishing by the millions. Though reported by most major outlets, this news was presented with much less fanfare than the common exploits of a reality star.
These amazing creatures that we admire for their honey, hives, and ability to beat their wings 200 times per second were vanishing. But why? Why wasn’t there more alarm raised given the fact that a third of the food Americans eat is tied to honey bee pollination? Such a serious threat to our ecosystem should have had regular sound bites from political pundits as well as answers from the brightest entomologists on how to stop this disruption at such a critical point in our food supply. Americans, having long been removed from the agricultural age, currently rely heavily on an industrial agriculture approach to the production of immense single crop farms. Events such as honey bees mysteriously vanishing can be the catalyst for a myriad of food production threats. Apples, berries, melons, broccoli, almonds, and many other foods are reliant on honey bees for pollination and are threatened when honey bee numbers drop. A graver threat is as our production decreases, honey produced by other countries is diluted with fructose syrup, labelled as pure honey originating from the U.S. and enters our food supply already tainted, potentially resulting in deadly consequences.
What does the plight of the vanishing honey bee have to do with supply chain attacks? For years bees have been used in both real life and fictional examples relating to cyber security. Their severe decrease in numbers has the potential to create global consequences and can teach us how to better manage risk to our supply chains before permanent damage occurs.
Fiction. A 2016-episode of NetFlix’s Black Mirror titled “Hated in the Nation” followed two detectives. One of these detectives transferred from a cyber forensics department to assist in solving the mysterious murders of hated public figures tagged through social media for elimination. A break comes in the case when an Autonomous Drone Insect (ADI) is found during a brain autopsy of one of the victims. ADI’s were being used as replacements for bees due to a collapse in the bee population as well as for government surveillance. The bees were hacked by a cyber-criminal in order to kill people that participated in the social media game.
Reality. “Earlier this month, Walmart filed a patent for a “Pollination Drone” that would be capable of pollinating flowers and crops the same way a bee would. The drone would be fitted with cameras and sensors to identify pollen in one flower before taking it to another. The robo-bees would also have “sticky bristles” that extract the pollen and keep it held until the Pollination Drone arrives at another flower.” – Can Robotic Bees Replace the Real Thing? Walmart Files Patent for ‘Pollination Drone’ by James Hetherington 3/15/18 in Newsweek
Given the importance of the honey bee to the food supply chain, it is important to study, understand, and better predict behaviors and risk factors that affect their survival. This same understanding and risk management can be applied today to the interconnectivity of our information systems. In a borderless security perimeter, today’s cloud infrastructures (think Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Desktop as a Service (DaaS)) exponentially increase the requirement to protect against supply chain attacks.
Traditionally recognized network boundaries are now vulnerable because interconnected services and suppliers increase the attack surface. Cyber criminals exploit known and unknown supply chain vulnerabilities, such as third-party suppliers with access to client assets without client knowledge, due to inadequate security (e.g., poor authentication, authorization and accountability). Even with the implementation of continuous monitoring and automated tools, the supply chain is still susceptible to attack. This was demonstrated when cyber criminals infected the free software CCleaner with backdoor software. There were 2.27 million technology and telecommunication company systems with CCleaner installed that were infected with the backdoor malware.
Effective application of cybersecurity across an ever-changing information technology landscape requires organizations to understand their infrastructure (both internal and external), manage and track assets, establish processes for vetting trusted manufacturers, foundries and vendors, and continuously improve upon existing strategies. Unfortunately, processes and procedures for completing these critical activities are often either overlooked or simply pencil-whipped to meet mandatory high-level inspections, leaving the establishment vulnerable. A complete culture change is required to address the gravity of risk mismanagement at all critical insertion points of the supply chain.
Such culture change begins with the unveiling of the organization’s existing (or planned) system lifecycle and critical business methods. One possible activity is to conduct an in-depth verification and validation (V&V) of a system’s compliance with sector/industry standards and United States (U.S.) Government policies prior to its deployment. Once an initial V&V is completed, continuous cybersecurity procedures must be implemented and maintained to sustain a healthy security posture and thwart potential supply chain attacks before they occur. Another example from a risk management perspective is to assess each vendor to ensure they follow sector/industry standards and U.S. Government policies ranging from timely notification of security incidents to compliance with U.S. import and export restrictions.
Implementing and sustaining a tailored, in-depth defense and risk management based approach to secure an organization’s infrastructure may incorporate cybersecurity experts experienced in the following areas:
- Artificial Intelligence
- Cloud Security
- Deep Data Analytics/Deep Learning
- Hardware Design
- Program Management
- Software Development
- Supply Chain Risk Management (SCRM)
- Verification & Validation
In the same way the vanishing honeybee has the potential to produce far reaching consequences, any breach in an organization’s security damages not only the safety and integrity of its supply chain, but has the potential to reach beyond invisible infrastructure borders to harm others globally.
Due diligence must be taken to continuously monitor and audit (internally and externally) for supply chain attacks. Proactive execution of steps to mitigate and ultimately eliminate risks associated with conducting business in an interconnected environment will continually improve and preserve supply chain security.