Data Security

Agro-Terrorism and the Food Supply Chain: This is a Different World, Rose Says

Mon, 10 Oct 2022 23:43:03 GMT

If you want to disrupt a government, disrupt the food supply.

“Agriculture is critical infrastructure,” Andrew Rose, strategic advisor to the food and agriculture supply chain, said during Farm Journal’s Farm Country Update on Sept. 28. “Three weeks without food and agriculture, and it’s over. You don’t mess with food and ag.”

Years ago, Rose was working at a large agricultural lender and decided to run a tabletop exercise as part of a teambuilding workshop simulating a ransomware attack on the company.

“Walking away from that exercise, I began thinking, is this a blind spot in the food and agriculture supply chain? Are we aware of the threats out there and the implications they can have? Not only to us as producers and processors, but to the entire critical infrastructure, and our ability to feed our population? I kept getting more questions than I got answers,” Rose said.

Since then, Rose has dedicated himself to helping the agricultural community get more prepared and understand the threats knocking at the gate.

What is Agro-Terrorism?

Agro-terrorism, or the deliberate introduction of a disease agent against livestock or into the food chain, is typically a tactic that can be used to either generate or cause mass socio-economic disruption or as a form of direct human aggression. Rose says there are a lot of definitions out there, but from his research, for a terrorist act to occur, there needs to be violence.

He said the FBI constantly hammers home the concept of sympathy versus action. Rose points out that having strong feelings about something isn’t wrong – acting on it is.

“There’s a First Amendment right to say and feel what you want to about any given subject. You can walk outside and put posters up, you can get a bullhorn, cowbells, whatever you want. As soon as you take an action, though, that’s when things change. That’s when risk and consequence come into the equation,” Rose said.

For the agriculture community in particular, it hurts when someone stands outside of your property and waves a sign, says bad things or shows a picture of things that aren’t true, he said. But until these people take action – until they steal some pigs or commit an act of violence – it’s their right to do that.

“It’s a hard pill to swallow, but it’s something that if you go to the FBI, they’ll say sympathy versus action,” Rose said. “Don’t take that action.”

How Can You Protect Yourself and Your Farm?

1. Pay attention to the threat actors.
Know who the threat actors are, including transnational terrorist groups, domestic terrorists, corporate espionage and activists. Engage with organizations like the Animal Agriculture Alliance and Protect the Harvest to keep up to date on threats and movements. Subscribe to their newsletters and learn from their experts.

2. Guard yourself on social media.
“Not only is social media a real threat, it’s an ongoing threat,” Rose said.

When he’s speaking to agricultural audiences, the first thing he tells them to do is go to Facebook, click on their privacy settings, and find out which apps and websites they are connected to with their account. Some apps can trick you into clicking “OK” allowing them to sell your information to third parties.

“There are computer programs scraping every bit of social engineering that’s publicly available on every human being and compiling it so they have those demographical profiles, whether it’s specific to you as an individual, or you as a class of individuals for certain types of messaging,” Rose said.

3. Beware of passive insider threats.
Passive insider threats are people who resist change and fall victim to social engineering. Sometimes, they’re told to do certain phishing exercises, or complete multi-factor authentication for their accounts, and they ignore it.

“They use their work devices to go to personal websites or places they probably shouldn’t go and they click on things they shouldn’t click on. Every employee of every company or organization is part of its cybersecurity defense,” Rose said. “If they’re not paying attention, if they’re not actively aware of the opportunity that threat actors are looking for, and they’re just letting them in, that’s a big insider threat.”

4. Know your FBI agent.
If something happens to your organization, whether it’s a terrorist attack or cybercriminal attack, it’s likely you will be in a high state of emotion. Rose said that’s probably the last time you want to make your first introduction to your FBI agent.

“There are 56 field offices across the United States. The FBI is there to help victims of crimes, they’re not going to go through your filing cabinets and look for other things. They want to help you. They want to figure out who did it, how they did it, and they want to go and oppose risk and consequence on your behalf,” Rose said.

That is why he suggests calling your local FBI agent or at least finding your point of contact before a problem happens.

“The world will never be the way it was – those days are gone, it is not coming back,” Rose said. “The world is as it is today, and we need to be realistic about how it’s going to be tomorrow. The ability for us in the U.S. to feed our population, that’s the North Star. Let’s make sure we do that. Be suspicious and be aware, this is a different world.”

Check out Farm Country Update and learn more from Andrew Rose about how you can protect yourself, your farm and your agricultural business.

Cybersecurity on the Farm: How Could Your Operation Be At Risk?

Mon, 19 Sep 2022 15:19:20 GMT

The terms cybersecurity and cyber insurance are more than just concepts in the agriculture industry, says Kansas State University cropping systems economist Terry Griffin.

He said the agricultural industry is becoming more digital, so adaptable cybersecurity – or, the protection of computer systems from information disclosure or theft, or damage to hardware, software or electronic data -- is more important than ever.

“As a producer, we have to think about who (our) biggest threat is potentially,” Griffin said. “The Kansas farmland market is fierce, but not as fierce as in Illinois, so the biggest threat to a Kansas farmer could be seen as a different entity.”

Griffin said cybersecurity risk depends on the location and risk preference of the farmer and who they see as their biggest threat. This could be as simple as someone getting a copy of data or insights, or data becoming inaccessible to the farmer.

“There could be solar flares that impact space weather that can adversely affect GPS,” he said. “In that event, we could be at a disadvantage during planting because there might not be row markers on the large planters anymore.”

He said such a situation can also affect harvest because farmers won’t be able to log data.

Griffin said time is of the essence when a cybersecurity breach is detected, and if farmers decide to not plant and wait a day because the GPS is down -- or they can’t control the overlaps -- it could have negative implications, such as lower yields.

There are currently no state or federal laws that cover cybersecurity for farms. Griffin suggests a couple ideas to protect farm data:

• Treat farm data as a trade secret.

• Have employees sign a non-disclosure agreement.

• Change passwords quarterly.

• Make sure when an employee leaves that their connections to farm data has been stopped.

“There are some actionable things that farm operators can do to show that their data has value,” Griffin said. “These are some best management practices for data management.”

He said farmers should build up these practices over time so that they become habit.

Griffin notes a resource to learn more about cybersecurity on the farm at HeinOnline.

Griffin’s full discussion on this topic is available on the weekday radio program, Agriculture Today.

FBI Puts Ag on Alert: Ransomware Attack Potentially Timed to Critical Seasons

Fri, 22 Apr 2022 20:40:53 GMT

Farmers and ag cooperative employees need to be on high alert this spring. That’s according to the FBI , which is predicting cyber criminals might attack the industry during planting and harvesting seasons.

Why? Cyber criminals believe their prey could be more vulnerable and willing to pay off the extortion.

Since 2021, FBI reports multiple agricultural cooperatives have been impacted by a variety of ransomware variants:

In March 2022, a multi-state grain company suffered a Lockbit 2.0 ransomware attack. In addition to grain processing, the company provides seed, fertilizer, and logistics services, which are critical during the spring planting season.
In February 2022, a company providing feed milling and other agricultural services reported two instances in which an unauthorized actor gained access to some of its systems and may have attempted to initiate a ransomware attack. The attempts were detected and stopped before encryption occurred.
Between Sept. 15 and Oct. 6, 2021, six grain cooperatives experienced ransomware attacks. A variety of ransomware variants were used, including Conti, BlackMatter, Suncrypt, Sodinokibi, and BlackByte. Some targeted entities had to completely halt production while others lost administrative functions.
In July 2021, a business management software company found malicious activity on its network, which was later identified as HelloKitty/Five Hands ransomware. The threat actor demanded a $30 million ransom. The ransomware attack on the company led to secondary ransomware infections on a number of its clients, which included several agricultural cooperatives.

These attacks resulted in service issues, production disruptions and loss of access to administrative functions.

In a public advisory , federal officials say a major disruption of grain production would impact the entire food chain.

What You Can Do

The FBI is asking those in agriculture to take defensive measures against the potential threat. Those steps include:

Regularly back up data, air gap and passwords. Make backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
Implement a recovery plan that includes maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
Identify critical functions and develop an operations plan if systems go offline. Think about ways to operate manually if it becomes necessary.
Implement network segmentation.
Install updates/patch operating systems, software and firmware as soon as they are released.
Use multifactor authentication where possible.
Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts and use strong pass phrases where possible.
Require administrator credentials to install software.
Audit user accounts with administrative or elevated privileges and configure access controls with least privilege in mind.
Install and regularly update anti-virus and anti-malware software on all hosts.
Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a virtual private network (VPN).
Consider adding an email banner to messages coming from outside your organizations.
Disable hyperlinks in received emails.
Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e. ransomware and phishing scams).

Tools and Resources

Tips for Protecting Yourself Against Ransomware Attacks

For additional resources related to the prevention and mitigation of ransomware, visit Stopransomware.gov

CISA’s Ransomware Readiness Assessment (RRA) is a no-cost self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident.

CISA offers a range of no-cost cyber hygiene services to help critical infrastructure organizations assess, identify, and reduce their exposure to threats, including ransomware. By requesting these services, organizations of any size could find ways to reduce their risk and mitigate attack vectors.

Watch our report on AgDay TV:

Read More

Popular Online Farm Equipment and Land Auction Service Sites Crippled by Ransomware Attack

John Phipps: Is a Possible Cyberwarfare Attack Looming for Your Farm? Why Tractors May Be Next

John Phipps: Is North Korea the New Breeding Ground for Cyber Warfare?

Cyber Threats Are A Real Threat To Modern Agriculture’s Expanding Digital Infrastructure

The Three Things You Need to Know to Keep Your Farm Data Safe

Tue, 22 Feb 2022 21:55:32 GMT

Cybercrime has become an increasing threat to today’s farmers. Ransomware and cyberattacks targeting the food and agriculture sector has been on the rise, and unfortunately, no operation, whether large or small, is immune from this risk.

According to dataprise, an IT management and consultant business, the infrastructure in the agriculture industry is becoming more enticing to cybercriminals because the sector has adopted more smart technologies that open doors to other crime opportunities.

Experts warn that as an industry, agriculture has a very soft digital underbelly that’s easily breached due to very limited investment in cybersecurity to date. While it’s easy to think, “That will never happen on my farm,” cyberattacks happen every single day, and they’re creeping into rural America.

Doug Jacobson and Ally Frickel, electrical and computer engineering specialists at Iowa State University, offer these tips to help prevent cybercrime from happening on your operation.

Keep an Eye on Your Email

“Email is a huge opportunity for attackers to trick victims into downloading malware,” the pair state. “This tactic is called phishing. In emails, senders will disguise themselves to sound like someone important to the victim. In regard to farmers, attackers may pretend to be a cooperative, supplier, implement dealer - anyone that is critical to farmers’ jobs.”

For a phishing attack to work, it requires the email recipient to click on a link or attachment that is connected to the malware. This will cause the computer to download and install harmful technology to their device.

To prevent this from happening, Jacobson and Frickel suggest the following: “Trust your instincts. If the email looks fishy, it probably is. Do not trust unfamiliar email addresses. If you suspect an email is a phishing email, do not click on any link or attachment. Delete the email.”

Protect Your Passwords

We’re all guilty of using the same password over and over again, but this can be a dangerous practice for your operation.

When creating a password, the duo encourages farmers to focus on password strength. This means creating a password no one can guess. Additionally, this may also mean creating dozens of different, hard-to-remember passwords for various websites and programs.

“It’s understandable to be a bit overwhelmed,” the team shares. “One suggestion is to write the passwords down in a small notebook and keep it in a safe place. Do not create a document on your computer with account information and passwords.”

Lastly, it’s important to not share passwords with others. This may seem obvious but think about all of the different people involved in your operation. If the password is shared amongst other, it may put your farm’s private information in jeopardy.

Backup Your Data

If a cybercrime were to happen on your farm, it’s possible you could lose valuable information forever.

“To prevent losing this data, perform a periodic archive to secure storage,” the duo adds. “The point to backing data up to a secure storage - the cloud - is to be able to recover the data later.”

Another way to help make sure your information isn’t lost is to backup data via cloud storage or via a USB device. However, the key to making sure information isn’t lost is to backup data on a routine basis. Don’t wait until it is already lost!

To learn more on how to prevent a cyberattack, read:

Cyber Threats Are A Real Threat To Modern Agriculture’s Expanding Digital Infrastructure

Wed, 12 Jan 2022 13:05:40 GMT

A malicious cyberattack in late May 2021 forced the shutdown of all of JBS’ beef plants and many of its pork and poultry plants. This attack on the world’s largest meat processor spotlighted the vulnerability of another critical American industry. This time, agriculture was the target.

According to the Harvard Business Review, the amount that companies paid to hackers grew by 300% in 2020. In the first 10 months of 2021, just six ransomware groups were responsible for breaching the cybersecurity defenses of 292 organizations. From those attacks, these criminal organizations had tallied up more than $45 million in ransom money.

Of all the cyberattacks and ransomware attacks in 2021, the breach of Colonial Pipeline in late April had the most news coverage. A ransomware group known as DarkSide with ties to Russia was responsible for the attack that shut down 5,500 miles of pipe and halted the flow of countless barrels of gasoline, diesel and jet fuel from the Gulf Coast to the Eastern Seaboard. To avoid further disruption, Colonial Pipeline eventually gave in to the ransomware group’s demands and paid the group $4.4 million in bitcoin.

Agriculture Is An Easy Target

Experts warn that as an industry, agriculture has a very soft digital underbelly that’s easily breached due to very limited investment in cybersecurity to date.

For an industry that is betting the farm on becoming increasingly digitally connected and automated, this should set off alarm bells in all sectors and all levels of agriculture—from the back 40 to the halls of Congress. As more devices are hooked up to networks and more tasks are turned over to automation, the opportunity and potential reward for cyberattackers will only grow exponentially during the next several years.

According to Vantage Market Research, the size of the global agricultural robot market is expected to reach $15.93 billion by 2028. That’s up from $3.63 billion in 2020 and represents a compound annual growth rate of 20.31% during the forecast period—2021 to 2028.

A private industry notification issued by the FBI’s cyber division on Sept. 1 listed five major attacks that occurred in the food sector since November 2020. The list included everything from a bakery company to a well-known beverage company to a large farming operation. Two more attacks—on grain co-ops, Iowa’s NEW Cooperative and Minnesota’s Crystal Valley—came less than a month after the FBI’s warning.

As with many of these “events,” the aftermath involves plenty of finger-pointing. In the fallout of the JBS attack, a good deal of blame was shifted on the government for not creating cybersecurity guidelines and compliance mandates for agriculture.

Sens. Chuck Grassley and Joni Ernst from Iowa recently went to the floor of the Senate to stress that more must be done related to cybersecurity within agriculture. They advocated: “Agricultural security is national security.”

It is foolish to think government alone can fix the issue or prevent future attacks. But, government can develop guidelines and performance goals. One of the first things that could be done is to adopt standards related to manufacturing automation equipment that is secure by design. IoT devices need to have additional security measures before they are deployed to the field. Because of the lack of a law, both the users and manufacturers blame each other for not adopting even minimum security measures for these pieces of equipment. This issue has become a significant cybersecurity liability.

What you can do

The rest of us must become increasingly aware and vigilant in fighting this war. Pardon the pun, but one could “lose the farm” because of an unforeseen cyberattack. Whether you are a CEO of a multilocation co-op or an individual farmer who has connected your operations and data to the “cloud,” you are a target, and this threat is not going to go away.

New Research: Farmer Views on Production Data Collection and Sharing

Thu, 19 Nov 2020 03:41:47 GMT

Several challenges prevent farmers from collecting and sharing data on their production practices with downstream supply chain organizations, such as food companies and retailers, according to new research from Farm Journal’s Trust In Food initiative and The Sustainability Consortium (TSC).

“This research provides the entire ag value chain with direct farmer feedback on the realities of farm-level data collection and sharing,” said Mitch Rouda, President for Farm Journal’s Trust In Food. “These insights will enable organizations to more effectively engage with farmers in the scaling of conservation practices and production practice transparency.”

Farm-level production data plays a critical role in conservation and sustainability efforts for food, fuel and fiber supply chains. Despite this importance, according to previous TSC research , nearly 50% of food and beverage companies report having no visibility into the on-farm practices that produce the inputs they use.

To help close the gap between in-field practices and supply chain needs, Trust In Food and TSC surveyed American farmers on their perceptions of data collection and sharing. The resulting report, “Farmer Perspectives On Data,” highlights insights from nearly 400 farmers in more than 40 states.

Key findings include:
• 62% reported not using data collection and sharing software during the 2019 season; of those who did, only about 30% say the software meets all their needs.
• Lack of access to capital, equipment, training and reliable data networks are the biggest barriers farmers face in scaling up their on-farm data efforts.
• 71% of farmers said their primary ag adviser or consultant has never suggested increasing on-farm data collection, data sharing or both.
• 49% of farmers do not believe their customer has a right to know how they manage their farm.
• Responses to open-ended questions reveal downstream organizations enjoying greater financial benefits from farm-level data sharing than the farmers who provide that data is a major issue farmers consider when deciding to share their data.
• 74% of farmers implement conservation agriculture practices because they believe it is the right thing to do for the environment; 61% use conservation practices to ensure they pass on a profitable and viable farming operation to the next generation.

“The results of this report show growers value data collection and the environment and they implement conservation agriculture practices on their farms, but there are several surprising barriers to sharing farm data,” said Christy Slay, Director of Technical Alignment for The Sustainability Consortium. “TSC is committed to working on these issues and barriers with our partners to ensure farmers receive the value they deserve for protecting natural resources and that the sustainability story brands communicated to retailers and consumers is enabled by the farm data reported into TSC’s THESIS platform.”

Trust In Food presented its findings at The Sustainability Consortium’s Summit, April 28-30, 2020.

The report can be viewed at https://bit.ly/Farm-Data-TIF.