The recent cyberattack on the world’s largest meat processing company, JBS S.A., sends a clear message that agriculture is not immune to cybercrime.
The JBS attack earlier this month is the largest such crime to date against an agri-food business. It affected company operations in the U.S., Canada and Australia, forcing 13 of its U.S. plants to temporarily close. The as-yet-unknown person or group responsible demanded JBS pay a ransom in Bitcoin (known as a ransomware attack) to get its data back and systems up and running again.
Why it matters: As farms and agribusinesses become more data-based and interconnected, they become more vulnerable to cyber threats.
According to Reuters, JBS paid an $11 million Bitcoin ransom and was operational within a few days of the attack.
The company processes approximately 23 per cent of the beef in the U.S. so any down time would have an immediate ripple effect and is most likely the reason the company paid the ransom quickly.
“The supply chains, logistics and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments,” threat researcher John Hultquist with security company FireEye told Reuters.
In many ways, agriculture and agri-food businesses are ripe for the picking for cyber criminals. Canada’s agriculture sector could be vulnerable because many farms and other agricultural operations can’t adapt and respond to cyber threats as quickly as those threats are evolving, said Cal Corley, Community Safety Knowledge Alliance’s (CSKA) chief executive officer, in a news release.
CSKA is a Saskatoon-based non-profit organization that has been tasked by the federal government to lead the Cyber Security Capacity in Canadian Agriculture project. In late March the ministry of Public Safety and Emergency Preparedness awarded CSKA $500,000 from the federal Cyber Security Cooperation Program to assess and promote cybersecurity in Canadian agriculture over the next four years.
“This initiative will help better understand and support the sector in closing critical gaps,” said Corley. The ultimate goal is to build the infrastructure needed to ensure Canada’s food system is cyber-secure.
CSKA said the “rising wave” of digital agriculture (such as big data, automation, precision and smart farming, blockchain) is revolutionizing how food is produced, but such digitization requires interdependency with multiple data and connectivity points, amplifying cybersecurity risks.
“The impacts of food supply disruptions can extend through the entire agricultural communities to provincial and national economies with potentially cascading costs reaching into billions of dollars and involving collateral damage to social stability,” the CSKA said.
“If technologies are implemented too quickly without (examining) how the various components fit together within a secure, farm-based cyber system, the result could be smart farming that isn’t always secure farming,” said Jonas Botschner, lead researcher on the CSKA project.
Farm operators are one group of stakeholders that CSKA will contact to understand what tools and resources are needed for security of farming operations. Botschner said CSKA invites farmers to “start thinking about what they want us to know and what they feel they need to know.”
Regardless of how much a farm operator knows or doesn’t know about how to keep farm data secure, cybersecurity expert and consultant Ritesh Kotak told Farmtario there are some simple strategies they can use to help ensure they don’t fall victim to a cyber threat.
Unlike big corporations with access to IT infrastructure and expertise, small businesses such as farming operations may not be able to afford or access the same type of expertise. Being aware that “anything connected to the internet is potentially vulnerable to an attack” is an important first step, said Kotak.
He said he often finds that small business owners use the same device for corporate and personal purposes, and some even use their personal email address for business transactions. “Because of that, they are not able to address any issues as they are occurring, and (they are) making themselves more vulnerable.”
How to protect yourself
Although cybercrimes such as the JBS ransomware attack appear to be high-tech, most security breaches are accomplished in low-tech ways, regardless of business size, he said.
Email is the most significant method of breaching a computer system.
“I always tell small businesses and individuals the most dangerous thing that you’re going to do today is open email.”
It’s critical that a farm operator, as well as any staff, understand how to identify a phishing email or an attachment that is malicious (see sidebar). A low-cost option as an added layer of protection is to have a cloud-based email system, such as Microsoft 365, he said. If a suspicious email is identified, it is quarantined and is unlikely to cause harm.
Kotak said understanding what he calls “cyber hygiene” is also key. The first thing to look at is infrastructure. What software and hardware systems are used? Free software, such as video conferencing apps or file sharing apps, often fill an immediate need (as was seen in the beginning of the pandemic), but these can make a system vulnerable.
Secondly, he said farmers need to know if their vendors have cybersecurity checks in place. “Vendors also have a responsibility in this to make sure that their systems are protected.”
Kotak advises farmers to buy from reputable vendors and ask whether they provide training on software updates. Vendors should be asked how data is stored, who has access to it, and whether it is encrypted and stored in a cloud-based system.
Also important is how often data is backed up, and how the data travels to the cloud. It should be encrypted during transit.
Kotak said buyers should not hesitate to ask questions of vendors, and as an added precaution they should also talk to existing customers if possible and not take a vendor’s word for the safety of products.
Finally, he advises farmers to ensure they adequately back up their files. This can be as simple as having an external hard drive that should be used daily. Alternatively, people can use a cloud-based program such as Microsoft 365 and ensure files are saved in OneDrive.
Tips on how to identify a suspicious email
- Even if an email is from someone you know or is from a reputable source, always hover over the sender’s name to ensure that the email address is correct. Kotak said people are often fooled by looking only at the sender’s name, and don’t notice that the sender isn’t who they think it is. For example, an email from John Smith that should be [email protected] may appear as [email protected]
- Often a phishing email will have spelling or grammatical errors. This is a red flag.
- The wording or tone will seem odd or different from what the sender normally writes, or you will be asked to click on a website link, and the sender does not normally do this.
If in doubt, Kotak advises contacting the person thought to be the sender and confirm.