Farmers take heed: don’t neglect cybersecurity needs

Hey there, time traveller!
This article was published 17/07/2021 (1547 days ago), so information in it may no longer be current.

Recent headlines about the cybersecurity attack on global meat processing giant JBS Foods underscore the food sector’s vulnerability to cybercriminals and mischief makers in a digital world.

While there wasn’t a lasting effect on the food supply in this case, the ransomware attack temporarily shut down 13 of the company’s processing plants, and this time, the bad guys won. The company paid a ransom of US$11 million.

The incident is likely a harbinger of similar attacks to come, largely because food security is so fundamentally important.

Consumers have a low tolerance for empty grocery store shelves, as illustrated by the panic buying and hoarding that ensued as the pandemic unfolded in the early months of 2020.

There is also a recognition that the various players in the food supply chain, starting with farmers, may not have the awareness or the systems in place to adequately protect themselves from such attacks.

That vulnerability is driving an initiative by the non-profit Community Safety Knowledge Alliance to evaluate the state of preparedness, raise awareness and help bolster the sector’s defences with $500,000 in support from Public Safety and Emergency Preparedness Canada over the next four years.

The project aims to get ahead of the curve as agriculture moves rapidly into digital and precision technologies which combine increased exposure with newbie naiveté.

“Unfortunately, because of the lack of awareness, the lack of resources, and the lack of training, we’ve seen more and more people getting victimized,” Ritesh Kotak, a cybersecurity consultant working with the project, said in a recent interview.

Whether it’s email, smart sensors, irrigation systems or data systems, farmers may be more connected than they think. “Even if you’re a small operation, you still have systems that are in place and thus it makes you vulnerable, regardless of size,” Kotak said.

Farms are essentially home-based businesses, which means the family computer could be used to store farm records and other important data, while also being used by other family members to cruise the internet for entertainment.

Farmers may not be rich sources of ransom money. But there can be other motivations for these attacks. Some hackers simply want to disrupt a business’s ability to operate.

Activists opposed to certain farming practices might mess with security systems or automatic ventilation, watering and feeding systems in livestock barns.

The risk is real. But there are many protective measures small operators can implement that don’t cost a lot of money, Kotak said.

First of all, back up your important data regularly with a storage system such as an external hard drive so that if you get locked out of your computer, you can still function as a business.

Investigate the security of any software or apps you are considering before downloading them from the internet. Kotak said many businesses that needed to pivot to online meetings and transactions quickly at the start of the pandemic grabbed the first option they could find, sometimes with unpleasant results.

“So know what type of software, know what type of hardware you’re actually installing,” he said.

Check out the vendors you are regularly engaging with to ensure their security systems are robust.

Practise good cyber “hygiene” by examining emails, especially those with attachments, before opening them. Even it appears to originate from a familiar name, watch for unusual grammar or spelling, and check the address it originated from to ensure it’s from a recognized domain.

“I always tell small businesses and individuals the most dangerous thing that you are going to do today is open email,” Kotak said.

If you are still unsure, “pick up the phone and call the person and ask them if they actually sent you that email or that attachment,” he said.

If you are victimized, report it to your local police. Reporting such crimes is mandatory under federal legislation. “It doesn’t matter whether you’re big or small, you need to report it,” he said.

Finding out you’ve been hacked is disconcerting at the very least. At its worst, it can be an expensive disruption to your livelihood.

Laura Rance is vice-president of Content for Glacier FarmMedia. She can be reached at lrance@farmmedia.com