By Molly Ashford
Cybercriminals are increasingly targeting the food production and agriculture sectors.
A recent study from global cybersecurity firm Check Point found that agriculture saw the largest year-over-year increase in cyberattacks 101 percent of any industry in the world. In the U.S, the increase was 38 percent, according to Check Point researcher Omer Dembinsky.
“Not double, like the overall number worldwide, but still very significant,” he said of the U.S. increase.
The agri-food sector still isn’t one of the top targets for cybercriminals education, telecommunications and government continue to make up the most targeted industries. But as farms and production facilities become more reliant on technology, Dembinsky said, they also become more vulnerable.
“There is more and more modernization going on and continuing to grow the computers in the field, and in manufacturing and transport,” Dembinsky said. “And it’s not something that has a lot of security and safety guards like bank institutions or the government.”
The industry has seen multiple recent high-profile attacks on large companies in the U.S. Last year, a cyberattack on Ahold Delhaize USA the parent company of Stop & Shop led to limited inventory at some stores. United Natural Foods, a grocery wholesaler which supplies Whole Foods and a number of smaller grocers, had to completely shut down its online ordering platform after a cyberattack in June.
But Doug Jacobson, who runs the Center for Cybersecurity Innovation and Outreach at Iowa State University, said that cyberattacks on small and mid-size farmers are also occurring, even if the attacks don’t attract widespread attention.
“An adversary steals $5,000 from a farmer, (it) doesn’t make the news,” Jacobson said. “An adversary steals $5 million from a meat processing factory. That makes the news. So our farm sector is already under attack.”
As agriculture technology like drones and computerized irrigation become more advanced, that creates an opportunity for bad actors to gain access to controls and shut down production. But many of the threats to smaller producers take the same shape as the phishing or extortion scams that impact many industries and individuals, Jacobson said.
“A lot of it right now deals with convincing the producer to transfer money to the wrong place,” he said. “Convincing them that, ‘Hey, I’m the co-op, and we have changed banks, so now you need to route the money to this bank.’”
Lawmakers and researchers take notice
Federal lawmakers have introduced at least four bills this year to address the growing cybersecurity risks in agriculture. The proposals range from requiring the U.S. Department of Agriculture to conduct annual crisis simulations to prepare for cyberattack scenarios, to establishing research programs at universities across the country.
U.S. Rep. Don Bacon, a Republican from Nebraska, first introduced the American Agricultural Security Act last year as part of the farm bill, which was never passed. His proposal would direct the Secretary of Agriculture to establish at least one biosecurity and cybersecurity research center at a U.S. university. That center would work with the Agricultural Research Service and other federal agencies to research cybersecurity issues in agriculture and provide training and workforce development.
Click here to see more...