Earlier this year, the wine industry in the U.S. received a big wake-up call regarding cybersecurity after around 70 wineries discovered they were at risk of being attacked by hackers. However, many in the industry may not be doing enough to safeguard themselves despite the current environment. To best protect themselves, vineyards and others in the space should invest in detection and response managed services.
In late May, Missing Link Networks Inc. told its clients that its sales software built and distributed just for wineries was compromised in April. Data related to approximately 250,000 customers was leaked in this incident, The North Bay Business Journal reported. Among the breached data included debit and credit card numbers, names, addresses and dates of birth.
How the industry responded to the hack
In the aftermath of the breach, Missing Link Networks said that it had patched the hole and was in the process of encrypting more of its data. Additionally, Andrew Kamphuis, president and chief operating officer of Vin65, told The North Bay Business Journal that the incident helped spur further awareness in the industry about cybersecurity. He said that while many wineries previously believed they were too small to be hacked, that assumption has been broken.
"We have not changed our internal practices, but this has allowed us to talk more about [cybersecurity]," Kamphuis said. "In the past, wineries may have seen that feature but not cared about it."
Of the more than 7,700 wineries in the United States, approximately 77 percent of them produce less than 5,000 cases of wine a year, according to the latest statistics from Wine Vine Analytics. While vineyards are typically small in the U.S., they drum up big business. In July, wine sales from both off-premises transactions and direct-to-consumer shipments totaled $669 million.
Are wineries doing enough regarding cybersecurity?
Kamphuis's quote is telling in that while vineyards are perhaps more aware of data leaks than ever before, they may not be doing enough to protect themselves accordingly. Indeed there have been some that have called on the industry to be more vigilant, although the Missing Link Networks breach shows that some were still caught off guard despite prior warnings. For example, here is what Wine Communications Group wrote in a December 2013 blog post in the aftermath of the Target hack:
"Many wineries believe that they're too small to be the target of a data breach, but in fact the opposite is true. 'Small' wineries don't have the funds to fight data theft like national and global corporations do, making them easy prey. The costs of a data breach, as Target is about to learn, are much more than refunding banks for the fraudulent purchases made."
The blog post recommended that in order to help protect themselves, wineries should strictly adhere to the Payment Card Industry Data Security Standard and encrypt data if they need to store it. While being compliant and making data less useful if stolen are certainly excellent steps for wineries to take, they are not enough.
For one, many hackers have found ways to bypass encryption and steal data before it is encrypted. In addition, as recent history has shown, multiple retailers and other firms have been the victims of data breaches even though they were PCI compliant at the time of the leak.
Instead of just relying on encryption and a compliance checklist to adequately protect themselves, wineries should invest in DRMS. When vineyards and other firms in the wine space leverage the services of a managed SIEM provider, they can rest assured knowing that anomalous behavior will be quickly detected, allowing them to take swift action when issues inevitably arise.
Cybersecurity news and analysis brought to you by Arctic Wolf, leading providers of detection and response security services. DRMS, when your firewall fails.