Why Agriculture is Emerging as a Cyberattack Target
The agriculture sector has been increasingly bearing the brunt of cyberattacks.
BlackMatter, a relatively new ransomware-as-a-service (RaaS) hacker group, has targeted U.S. farming companies. In September 2021, BlackMatter attempted to extort $5.9 million from Iowa farming collective, The New Cooperative. A week later, the group targeted the grain cooperative Crystal Valley with a similar attack. These cyberattacks took place during harvest season, a critical time for the sector.
And these sorts of attacks have continued to take place. Two attacks in 2022 directly targeted grain processors and feed mills. These were again ransomware attacks, which are becoming an increasingly common tactic used by cybercriminals.
But why is agriculture emerging as a cyberattack target? And what can be done about it?
The Emergence of Smart Farming Technologies
To fulfill the rising demand for food, companies in the agriculture sector are making use of smart farming technologies and precision agriculture. These technologies help to meet global demand by improving crop yield and productivity, reducing the need for human labor and increasing the accuracy of tasks such as crop sorting, weed eradication, and food processing.
In recent decades, smart farming has developed rapidly and now features many data-driven technologies. Modern smart farms have devices connected in real-time, enabling the completion of tasks such as checking the status of crops and soil or deploying drones to spray pesticides. Companies also use data to make operational decisions and optimize business models.
However, the use of smart farming and reliance on smart communication technologies introduces new security risks for the agriculture sector by exposing it to cyber threats.
Security Defenses in the Agriculture Industry are Weak
David Emm, principal security researcher at cybersecurity company Kaspersky, believes that groups like BlackMatter are prioritizing agriculture because its defenses are weak. He states:
“As we become more connected, the potential attack surface becomes bigger. There are areas, and agriculture is one of them, which are viewed as machine-intensive industries, but not necessarily ones that are computer based. And yet, if you look at modern equipment like tractors and combine harvesters, they are very definitely computer controlled.”
Despite agriculture being a computer-controlled industry (and increasingly so), the sector has not responded with adequate security tools and resources to prevent and mitigate cyberattacks. For agricultural companies, new sensors, connected devices, and networks that are connected to the internet but not secured properly are ideal targets for cybercriminals.
Paul Prudhomme, head of threat intelligence advisory at IntSights, observes:
“Internet of Things (IoT) devices are common targets or points of entry for attackers because they often receive reduced security hygiene and support. Many users do not update IoT firmware, change the default passwords of IoT devices, or monitor them for potential security incidents. Any IoT devices that agribusinesses may have introduced into the industrialisation of their agricultural processes are likely to become targets.”
One crucial reason why security defenses are weak is that food industry operations technology personnel (especially those responsible for operating and maintaining smart systems) are experts in food and safety, not cybersecurity. They’re simply unaware of the potential threats that exist.
This lack of awareness leaves the sector open to cyberattacks with potentially serious repercussions on farmers, end consumers, food processing industries, agriculture cooperatives, livestock and crops, government agencies, and nations dependent on agriculture.
The Problem of Large Coordinated Attacks
Smart devices introduce the ability to remotely control on-field sensors and autonomous vehicles. This gives cybercriminals the ability to destroy an entire field of standing grown crops, flood farmlands, overspray pesticides using smart drones, and ultimately cause unsafe consumption as well as economic damages.
There are four main types of cyberattacks criminals could use: data attacks, network and equipment attacks, supply chain attacks, and other acts of cloud-computing cyberterrorism. Each category is associated with key vulnerabilities, consequences, and respective preventative measures. Each targets different stages of the chain of food production.
Even with a protective layer in place, a large coordinated attack using multiple attack categories could disrupt the economy of an agriculture-dependent nation. This is why more comprehensive security solutions are needed.
How to Address Agriculture’s Vulnerability to Cyberattacks
One important way to address these vulnerabilities is to ensure that cybersecurity experts are working for agriculture and food companies.
Moreover, any employees working with smart and data-driven technologies need to be aware of existing security threats and effective ways of dealing with them. In short, companies in the sector should establish and maintain a secure data culture.
For example, since ransomware is a particular threat to the agriculture sector, companies need to educate employees on ways to tackle it, including:
- Never clicking on unsafe links
- Avoid disclosing personal information
- Not opening suspicious email attachments
- Never using unknown USB devices
- Keeping programs and the operating system up to date
- Using only known and trusted download sources
In addition, businesses must ensure that they are investing in the latest security tools and resources. Effective solutions may include artificial intelligence (AI) and machine learning technologies that can detect and respond to threats in real-time. These efficient, automated solutions will reduce the risk of human error, as well as free up time for employees to focus on high-priority tasks.
Agriculture is emerging as a cyberattack target, and this trend will only continue as smart technologies become more embedded in the industry. However, with the right knowledge and cybersecurity strategy in place, many of these security risks — and crucially, the most severe risks — can be prevented and mitigated.
Cyberlocke is a comprehensive, full-service IT services provider that architects and implements efficient and secure solutions for enterprise customers and their data centers. We specialize in security, cloud, managed services, and infrastructure consulting. Contact Us today to learn more.
