The farming and agriculture industry in Australia is increasingly embracing digital transformation to enhance productivity, efficiency, and sustainability. This shift involves the integration of advanced technologies such as Internet of Things (IoT) devices, precision farming tools, and automated machinery. The growth of precision agriculture and smart farming has rapidly increased the number of Internet enabled devices in the agriculture sector, which increases the cyber attack surface or the number of potential entry points for a cyber attacker. Ransomware is a particular concern. Easily deployable ransomware attacks, in which cybercriminals threaten to destroy farmers’ data and systems unless a ransom is paid, will become more common on critical data and equipment, particularly during time-sensitive windows for planting and harvesting. Understanding these risks and learning from recent cyber incidents is vital for protecting the industry and ensuring its continued growth and resilience.
Main Cyber Risk Exposures
1.Data Breaches and Theft:
Sensitive Data: The move to smart farming and precision agriculture generates significant data, which is also open to cyber risks. The growing use of automated machinery, high resolution multispectral imagery, drones, soil sensors, and IoT technologies in the agriculture and food security sector is generating large amounts of data. This renders the sector highly vulnerable to data theft and manipulation, creating a wide range of possible threat vectors. Cybercriminals could steal, manipulate, and then publish false and harmful agricultural data to undermine local industry. Foreign governments can use another country’s agricultural data to give themselves an advantage in trade negotiations or commodities markets. In some cases, the agricultural applications and databases might not be the ultimate target of the attacker.
2. Ransomware Attacks:
Operational Disruption: Ransomware can encrypt vital systems and data, bringing farming operations to a standstill. Given the time-sensitive nature of agricultural activities, such disruptions can lead to substantial financial losses and food supply chain interruptions. Imagine your GPS or automated tractor is hacked, and you can’t plant your crop until you pay to get your access back (like ransomware). And given that timing for planting/spraying/harvesting is critical this is a major threat.
Financial Extortion: Ransom payments, often demanded in cryptocurrency, represent a direct financial loss. Even after paying, there’s no guarantee that data will be fully restored.
3. Phishing and Social Engineering:
Credential Theft: Phishing attacks can trick farmers and agribusiness employees into disclosing login credentials, providing cybercriminals with access to critical systems.
Fraudulent Transactions: Social engineering tactics can lead to unauthorised financial transactions or the manipulation of critical operational decisions.
4. IoT and Operational Technology (OT) Vulnerabilities:
Connected Devices: The use of IoT devices (including drones) for monitoring soil conditions, crop health, and livestock can create numerous entry points for cyber attacks if not properly secured.
5. Supply Chain Risks:
Third-Party Access: Agricultural operations often rely on third-party vendors for software, machinery, and other services. Cyber attacks on these vendors can cascade down the supply chain, affecting the entire agricultural operation.
Integration Vulnerabilities: The integration of various digital systems can create vulnerabilities that cybercriminals can exploit.
Recent Incidents
1. JBS Foods:
In 2021, JBS Foods, a major meat processing company with operations in Australia, suffered a ransomware attack that disrupted its global operations. The attack led to the temporary closure of processing plants and had a significant impact on the meat supply chain. This incident highlighted the vulnerability of the food and agriculture sector to ransomware and its potential to disrupt food supply. Whilst the full cost of the loss is unknown they did confirm paying an $11million USD ransom to the hackers.
2. GrainCorp:
GrainCorp, a leading Australian agribusiness, faced a cyber attack in 2022 that targeted its grain handling and logistics systems. The attack caused significant operational disruptions and highlighted the importance of securing critical infrastructure within the agriculture sector.
Risk Mitigation Strategies
To address these risks, Australian farming and agribusiness companies should consider the following strategies:
1. Device Management: When enabling a new sensor or device, take a few minutes to understand all the different ways these devices connect to your network and the Internet. Adhere to the following guidance to protect yourself and your systems:
- Avoid leaving connection points open when not in use.
- Choose IoT tools that can be updated easily.
- Always keep IoT systems up to date with current versions of the firmware.
- For non-IoT systems, ensure the operating system, firmware, security software, and web browsing tools are patched. Use currently supported systems capable of receiving updates.
- Using two-factor authentication is now considered a best practice—be sure to turn it on if your devices support it.
- For mobile devices, take the time to understand your devices’ security settings. Wireless features such as Wi-Fi, cellular, Bluetooth, near-field communication, location tracking (GPS), and media sharing can all be potential breach points if left unsecured.
2. Enhanced Cybersecurity Training: Regular training sessions for employees on recognising phishing attempts, safe internet practices, and the importance of password security.
3. Robust Access Controls: Implementing strict access controls to ensure that only authorised personnel have access to sensitive data and critical systems.
4. Incident Response Plans: Developing and testing comprehensive incident response plans to ensure a swift and effective response to cyber incidents.
5. Secure Supply Chain Practices: Ensuring that third-party vendors adhere to stringent cybersecurity standards to prevent supply chain vulnerabilities.
6. Advanced Cybersecurity Technologies: Investing in advanced cybersecurity technologies such as intrusion detection systems, endpoint protection, and secure communication tools.
This content is brought to you by 360 Underwriting Solutions Pty Ltd and 360 Financial Lines Pty Ltd (“360”) as a convenience to readers and is not intended to constitute advice (professional or otherwise) or recommendations upon which a reader may rely. Any references to insurance cover are general in nature only and may not suit your particular circumstances. Reference in this content (if any) to any specific commercial product, process, or service, and links from this content to other third-party websites, do not constitute or imply an endorsement or recommendation by 360.
References:
