Why farming needs to pay more attention to cyberattack risk

Food and farming’s vulnerability to disruption by cyberattack is increasing as more functions and kit are operated remotely and the sophistication of attackers grows.

Artificial intelligence (AI) is moving the challenge up a gear or two, making it easier to carry out attacks, whether to gain personal and financial information or to interfere with crop, livestock and food processing systems.

Grain dryers, livestock monitoring, weather and irrigation applications, temperature and lighting control for intensive livestock and poultry are just a handful of the critical functions that can be disrupted.

See also: Contractor comment – cyberattack causes grain dryer havoc

Disruption, cost and stress

As businesses increasingly use online banking, accounting and farm management software, the potential damage from an attack is not only the loss of information and money, but also the resulting ongoing disruption, stress and cost.

Farming businesses are regarded as more vulnerable than many others, advisers say, because they pay relatively low levels of attention to the risks of cybercrime.

Phil Osgathorpe is director of IT audit, assurance and cybersecurity at accountant PKF Francis Clark, which has many farming customers.

He says agriculture is one of the top 10 industries affected by cyberattacks and isn’t keeping up with the growing threat.

He gives the example of a farm whose crop yields were simply maintained in a complex multi-tab Excel spreadsheet that wasn’t backed up anywhere.

“That multi-tab spreadsheet was crucial to their financial results and forecasting year-on-year, and yet so little time or attention was applied to securely maintaining that document.

“Eighty-five to 95% of successful cyber breaches are down to human error, in that someone is duped, and the most common thing is that someone else gets hold of their user ID and password.”

Main types of cyberattack

Phishing

Scam emails or text messages containing links to websites that may contain malware, or may trick users into revealing sensitive information such as passwords or transferring funds.

Spear-phishing is targeted at individuals via emails that appear to come from a trusted or known person.

Malware

Malicious software can cause harm in many ways, including:

• Causing a device to become locked or unusable
• Stealing, deleting or encrypting data
• Taking control of devices to attack other organisations
• Obtaining credentials that allow access to an organisation’s systems or the services it uses
• Using services that may cost an individual or a business money.

© Adobe Stock

Ransomware 

This is a type of malware that prevents access to a computer or the data stored on it. The computer may become locked, or the data on it might be stolen, deleted or encrypted.

Some ransomware will also try to spread to other machines on the network.

Usually those affected are asked to contact the attacker via an anonymous email address or follow instructions on an anonymous web page to make payment in order to unlock the computer or access the data.

The payment is invariably demanded in a cryptocurrency such as bitcoin. However, even if the ransom is paid, there is no guarantee that access to the computer or to files will be restored.

Source: National Cyber Security Centre

Prime target

“State-operated attacks will focus on the areas that are weakest and most underfunded in the national infrastructure, and that includes food, which is not heavily invested in cybersecurity and so is a prime target,” Phil says.

“While the human side is the weakest, it can also be the strongest if you’re aware of the risks. Malware actors trying to get hold of information can be very convincing.

“Approaches tend to be written to try and evoke an emotional response and that overrides the logical response. These also often target older or more naive people.

See also: How to safeguard against internal fraud on farms

“The advance of AI has ramped things up, offering ransomware as a service for a subscription fee, providing all the tools and capabilities to hack.

“You don’t need to be technically gifted to do this, and it’s like a pyramid scheme.”

There’s no shame in not knowing how to address cyber-risks to your business, and it doesn’t hurt to ask for a little help or guidance,” says Phil, adding that many people affected by cyberattacks tend not to be open about this as they feel foolish for having been caught out.

Social media vulnerability

A lot of damage can be done by attacks on social media accounts, whether personal or business related, so it’s important to protect the followings that have been built up.

Digital self-defence

At training organisation SoSafe, the aim is to boost digital self-defence by making employees and business owners more aware of the threats and how to address them.

Chief security officer Andrew Rose highlights some of the risks from ransomware, which has the ability to lock farmers out of automated systems at a critical point in the year. 

“We’ve seen other firms such as online gambling companies being held ransom just before big events, knowing this increases the incentive to pay,” says Andrew. Also, US meat processor JBS allegedly paid $11m (£8.7m) to settle a 2021 attack.

“I worry that the attacks will not just target big business, but smaller firms and even individual farmers who are just as tech-dependent but have much fewer resources to detect and tackle the threat.”

Supply chain attacks

A supply chain attack on a single supplier, distributor or manufacturer can have potentially far-reaching consequences.

“In agrifoods, if attackers gain access to a system controlling food transportation logistics, they might be able to disrupt the flow of goods, delay shipments or, most importantly, compromise food safety,” says Andrew.

“As the industry increasingly relies on digital services for precision farming, food safety tracking and customer data collection, this creates a wealth of sensitive information that could be valuable to cybercriminals,” he says.

The increasing use of internet-connected devices for livestock tracking and management, precision farming, environmental monitoring, automation and food processing exposes them to hacking attempts.

“A breach of these systems could result in manipulated environmental conditions – for example temperature, humidity or irrigation – that can damage crops, contaminate food, or disrupt production schedules,” Andrew says.

“This is just what we saw many years ago with Stuxnet, where attacks manipulated the integrity of operation data outputs, damaging systems without the victim noticing.”