Lift a glass to cy-beer-security
Your beer can be hacked.
But a nearly 200-year-old brewery is taking on new strategies to protect your pilsner.
Original — Updated
Back in 1842, workers hauled chunks of ice from rivers and lakes into miles of cellars at the Pilsner Urquell brewery in the Czech Republic.
There, they started the pilsner brewing trend, still alive almost two centuries years later.
But now, this old-style brewery is digital, which means it’s open to what you might call a cy-beer attack.
Computers help turn out 120,000 bottles per hour.
Unless something stops them.
Barrels inside the Plzensky Prazdroj brewery. Image: Plzensky Prazdroj
In October 2017, the brewing computers mysteriously showed the “blue screen of death” and shut down.
“During three days, every morning at 4:00,” said Ondrej Sykora, who works to protect the Plzensky Prazdroj — or Pilsner Urquell — brewery in the town of Plzen.
“It was just for, let’s say, five to ten minutes,” he added.
Not long, but long enough to possibly leak thousands of dollars away.
They finally tracked down the source — a worker had plugged in a USB that let malware seep into the brewing system.
He or she is not the first employee to bring down the house with a USB drive.
A critical systems worker in the Middle East tried to watch La La Land on company computers last year and accidentally downloaded malware.
Plzensky Prazdroj brewery in Plzen, Czech Republic. Image: Plzensky Prazdroj
Was the brewery worker watching a movie?
“We don’t know exactly what,” said Sykora. “Probably yes, because it’s the standard situation.”
So standard that they must protect the systems not only from outside hackers, but their own people making errors, he said.
Sykora spoke at the Center for Industrial Cybersecurity summit in Madrid in October 2018, sharing his work to help others running factories and power plants.
Plzensky Przdroj monitors their systems for signs of attack, separates networks so bad guys can’t jump from one to another, and checks for security gaps, among other strategies, he said.
Not to keep the original Pilsner’s 176-year-old recipe safe from spies, but to keep the beer flowing.
“To prevent all of our technologies against unplanned shutdowns. That’s the main thing,” Sykora said. “We want to be ready, to let’s say, protect, and also if something happened, to very quickly start again the processes.”
Tanks inside the Plzensky Prazdroj brewery. Image: Plzensky Prazdroj
His co-workers joke that they don’t need cyber protection.
“They just say, ‘We are the brewery, not the nuclear power station,’” he said with a chuckle.
But these days, cyber attackers can cost companies millions of dollars, stopping production, damaging equipment — even hurting people.
“We have to think about it. We have to maybe think a little bit more effective about it,” Sykora said.
Too good to hack?
Plzensky Prazdroj’s brews are so popular that every other beer drunk in the Czech Republic comes from the brewery, according to Sykora.
He’d like to believe cyber attackers will stand down in the name of good beer.
“We cannot protect or prevent everything,” he said with a smile. “I just want to tell them, ‘Don’t do it because you destroy the beer, maybe what you like.'”
Pilsner Urquell in its traditional rounded mug. Image: Archer News Network
Probably Whisky Drinkers
Unfortunately, some cyber crooks may prefer a different drink.
They’ve already attacked a couple of breweries in the past five years.
Hackers stole passwords and other customer info from another 19th-century brewer, Marston’s, in Britain in 2013.
Sykora has some guidance for other breweries that are starting their cybersecurity journey now: learn about what kinds of attacks may come your way.
“If you don’t know for what you fight or against what you fight, you cannot design a good solution,” he said.
“First, to talk, to study, for example, some last attacks,” he explained. “Then think about how to how to protect.”
Main image: Pilsner Urquell in a traditional mug. Image credit: Archer News Network