CISO Update #43
The Role of Cybersecurity in Cream Cheese

Over the last several months you may have heard about disruptions caused by cyberattacks on critical infrastructure. In May, an attack shut down Colonial Pipeline, causing gasoline shortages across the east coast of the United States. By the way, the attack vector was a VPN account that didn’t use two-factor authentication (2FA), a control that we at FIT implemented several months ago. In June, JBS, the world’s largest meat processing company, paid $11 million in ransom to get back online. But now, in the midst of the holiday season, we find out about an even more serious and insidious disruption. The cream cheese shortage plaguing New York is due at least in part to a cyberattack in Wisconsin.

That’s right: While no one has offered a complete explanation for your inability to go to your local shop to get an everything bagel with a schmear, or for the bare shelves at Junior’s cheesecake, there is at least some evidence that a cyberattack is a contributing factor. Schreiber Foods, one of the largest cheese makers in the U.S., was taken down for several days in October by a cyberattack, and because cream cheese is a perishable product, large stockpiles aren’t maintained. That disruption leading into the December baking and entertaining season put a huge strain on the supply chain.

What can you do?

You might ask what each of us as individuals can do to protect infrastructure and supply chains.  Actually, every little bit helps. Many of these infrastructure attacks, while masterminded by sophisticated criminals and nation-state actors, use hijacked personal computers, phones, and devices like smart thermostats that are unprotected as launching points to go after their ultimate targets. So, if you value your cream cheese, update the software on those home routers, scrutinize emails, strengthen those passwords, and enable 2FA wherever you can. Lox without a schmear? Fruitcake instead of cheese cake? FIT, the choice is in our hands.  

Everyone in the Division of Information Technology wishes you a joyous and Cybersafe holiday season!

About Cybersafe
The Division of Information Technology is dedicated to informing the community of the latest cybersecurity threats. Visit and stay tuned for emails from for the latest from the Cybersafe campaign at FIT. Read past issues here.