If you knew there was someone with sticky fingers in your neck of the woods, would you lock your machine shed to protect your belongings? Why not do the same with your ag data?
With the recent uptick in ransomware cyberattacks across the ag industry, it’s time to ramp up farm cyber security to avoid being the next victim of a hacker.
In April, the FBI warned of ransomware attacks on the agriculture sector during critical times like planting and harvest. Companies like AGCO, JBS, Sandhills Global and New Cooperative have all fallen victim in the past year, just to name a few. And now, hackers are targeting even closer to home.
To answer this question, we need to understand the goal of hackers. Ransomware groups, such as BlackMatter, monetize hacks in two ways.
First, hackers primarily make money through ransom payments. After breaking through security and compromising important data of their targets, the hackers demand targets pay a ransom for a decryption key to restore function. Ransoms are typically paid in cryptocurrency. This makes tracing the payment virtually impossible.
The more urgent a target’s need is to restore their cyber system, the more likely they are to pay the ransom. This makes agriculture a prime target, especially during key seasons like planting and harvest when operations can’t afford to be slowed down.
“Farm equipment, in general, is much more automated than it ever has been. Modern combines and tractors, for example, utilize software and a GPS locator to operate,” says Bryan Fried, Chairman and CEO of Pangea Global Technologies. “Hackers know that farmers have no choice but to pay a ransom when their systems are compromised because they cannot afford the crop damage that would result from the inability to operate equipment and processes.”
In addition, hacking for industrial espionage is also a serious problem. In this scenario, hackers glean important proprietary information that could help a rival company. The information is often sold on the black market to interested parties.
Reports predict that hacking will be a $20 trillion industry within three years, Fried explains. “This would represent the third-largest economy in the world, behind the U.S. and China.”
Next target: individual farms
It’s easy to find examples of agriculture companies and cooperatives that have experienced attacks, but it’s hard to believe hackers would take the time to target individual farms. But don’t be fooled!
Farm operations and individual farmers actually have an added risk for ransomware attacks. Typically, they don’t have the software and infrastructure in place to prevent hacking.
“Farm businesses that use automation or indoor farming are especially at risk since they tend to rely on software-based functionality,” Fried says. “These include, but are not limited to, HVAC and air distribution, fertigation, irrigation and lighting.”
Think about the data that is crucial to your operation – historical yield data, finances, precision agriculture platforms, etc. What systems on your operation are digital or automated? Perhaps your irrigation system, grain system, or bookkeeping could be at risk.
Tips to tighten security
There are several ways to protect the important data for your farm operation. Here are some ideas to get you started.
- Software program – Purchase a good software program for overall data security. If you have a software program, be sure to update it and turn on automatic updates for the future.
- Click carefully – Hackers need a way into the system. Clicking on an unknown email attachment or link can be all they need to get access. Only click on links or open attachments from trusted sources.
- Multifactor authentication – Implement a system that requires you to provide two or more verification factors to gain access to a resource such as an app or online account. For example, it could require you to enter a password, and then enter a code that is texted to your phone to log in. This extra security step makes it harder for hackers to access your accounts.
- Consider your vendors – What companies do you work? What data do they have on file related to your farm business, and what steps are they taking to protect your information? Be careful with client-server software applications as they are often the easiest to hack.
- Back up data – Store data to the cloud with frequent backups of key information. In the unfortunate event your data is hacked, you will have a backup to prevent major operational shutdowns.
- Get your farm team on board – You likely aren’t the only one on the farm accessing data on a regular basis. Have a team meeting and establish best practices. This could be as simple as reviewing data locations and passwords, or it could be as detailed as a written manual with actions to take in worst-case scenarios.