The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.
In an era where digital technology increasingly underpins food production and distribution, the urgency of cybersecurity in agriculture has heightened. A surge of cyberattacks in recent years, disrupting operations, causing economic losses, and threatening food industry security- all underscore this escalating concern.
In April 2023, hackers targeted irrigation systems and wastewater treatment plants in Israel. The attack was part of an annual "hacktivist" campaign, and it temporarily disabled automated irrigation systems on about a dozen farms in the Jordan Valley. The attack also disrupted wastewater treatment processes at the Galil Sewage Corporation.
In addition, in June 2022, six grain cooperatives in the US were hit by a ransomware attack during the fall harvest, disrupting their seed and fertilizer supplies. Adding to this growing list, a leading US agriculture firm also fell victim to a cyberattack the same year, which affected operations at several of its production facilities.
These incidents highlight the pressing need for improved cybersecurity in the agricultural sector and underscore the challenges and risks this sector faces compared to others.
As outlined in a study, “Various technologies are integrated into one product to perform specific agricultural tasks.” An example provided is that of an irrigation system which "has smart sensors/actuators, communication protocols, software, traditional networking devices, and human interaction."
The study further elaborates that these complex systems are often outsourced from diverse vendors for many kinds of environments and applications. This complexity “increases the attack surface, and cyber-criminals can exploit vulnerabilities to compromise one or other parts of the agricultural application.”
However, the situation is far from hopeless. By taking decisive action, we can significantly strengthen cybersecurity in the agricultural sector. Here are three strategies that pave the way toward a more secure future for the farming industry:
1. Strengthening password practices
Weak or default passwords are an easily avoidable security risk that can expose vital assets in the agricultural sector to cyber threats. Arguably, even now, people have poor habits when it comes to password security.
As per the findings of a survey conducted by GoodFirms:
- A significant percentage of people - 62.9%, to be exact - update their passwords only when prompted.
- 45.7% of people admitted to using the same password across multiple platforms or applications.
- More than half of the people had shared their passwords with others, such as colleagues, friends, or family members, raising the risk of unauthorized access.
- A surprising 35.7% of respondents reported keeping a physical record of their passwords on paper, sticky notes, or in planners.
These lax password practices have had tangible negative impacts, with 30% of users experiencing security breaches attributable to weak passwords.
Hackers can use various methods, such as brute force attacks or phishing attacks, to guess or obtain weak passwords and access sensitive information or control critical systems.
Therefore, agricultural organizations need to make passwords stronger. Here are some of the critical steps these organizations need to take:
- Encourage using strong, unique passwords (8+ characters, mixed letters, numbers, symbols).
- Implement regular password changes (every three months or upon a suspected breach).
- Enforce multi-factor authentication on all systems.
- Update network passwords regularly to invalidate stolen credentials.
- Use a password keeper/generator app for secure password storage.
- Discourage password sharing or reuse across platforms.
- Avoid using dictionary words, common phrases, or personal info in passwords.
- Deploy a password management tool for efficient password handling.
2. Maintaining updated systems
In the digitally transformed landscape of agriculture, known vulnerabilities linked to outdated software and hardware present significant cybersecurity risks. Cybercriminals often exploit these weaknesses in such systems, compounding the cybersecurity challenges faced by the industry.
The Ponemon Institute, in a comprehensive study, found that 60% of organizations that experienced a breach said it occurred due to a known vulnerability that was left unpatched, even though a patch was available. Further complicating matters, the study reported that 88% of IT teams had to coordinate with other departments when patching vulnerabilities. This coordination added an extra 12 days before a patch could be applied, leaving systems vulnerable for a more extended period.
As we've seen from the damaging agricultural infrastructure attacks, neglecting cybersecurity in the context of known vulnerabilities can lead to significant problems. Regular updates and patches are not just good practice—they're a crucial first line of defense against cyberattacks. In the digitally transforming world of agriculture, this is not merely an option—it's a necessity.
3. Securing operational technology traffic
Given the scale of the risks associated with known vulnerabilities, it's clear that agribusinesses face a significant cybersecurity challenge. However, the threats are not confined to these known issues alone. The unknown vulnerabilities, particularly those associated with Operational Technology (OT) systems, present another layer of risk that has recently come into focus.
The growing prevalence of Internet of Things (IoT) devices in contemporary agriculture amplifies these concerns. If not adequately secured, these devices can expand the attack surface, offering potential attackers an open door to critical systems.
Highlighting the severity of such issues, Itay Glick, VP of Products at OPSWAT, brings up the cyberattack on irrigation systems in Israel. He pointed out that weak passwords and outdated OT devices were a significant part of the problem. He noted that "there was a critical vulnerability in a specific device dated back to 2015 (CVE-2015-7905), which could have been exploited by any average hacker."
The vulnerability Glick referred to underscores the importance of regularly updating OT devices. "If this was the case, this underscores the importance of scanning and validating that OT devices are updated," he emphasized.
This dual approach - segregating OT traffic and monitoring it - provides a solid defense strategy. Segregation makes it more challenging for attackers to access critical systems, while monitoring allows for early detection of any potential threats. Agribusinesses must heed this advice, as the digital landscape continues to evolve, and the stakes continue to rise.
Conclusion
Cyber threats pose grave risks, with the potential to disrupt operations and cause hefty financial losses. Plus, the enduring harm to brand image and customer trust post-attack can be tough to bounce back from. A thorough assessment of current cybersecurity protocols, identification of potential vulnerabilities, and application of the discussed solutions should be on top of the list. These steps encompass the use of robust and unique passwords, segregation and monitoring of OT traffic, and consistent updating of software and hardware.
In the final analysis, agribusinesses that can integrate these cybersecurity measures into their operations are better positioned to secure their future in the rapidly evolving agricultural landscape.