The United States Department of Homeland Security issued a report that states that precision agriculture is vulnerable to digital threats.
The adoption of advanced precision agriculture technology and farm information management systems in the crop and livestock sectors is introducing new vulnerabilities into an industry which had previously been highly mechanical in nature, according to the Department of Homeland Security.
A research group visited and/or interviewed several large farms, and precision agriculture technology manufacturers located throughout the United States. “The group identified that the potential threats to precision agriculture were often not fully understood or were not being treated seriously enough by the front-line agriculture producers,” says Homeland Security.
Text continues underneath image
Most of the information management/cyber threats facing precision agriculture’s embedded and digital tools are consistent with threat vectors in all other connected industries. Malicious actors are also generally the same: data theft, stealing resources, reputation loss, destruction of equipment, or gaining an improper financial advantage over a competitor.
Therefore, improper use of USB thumb drives, spear-phishing, and other malicious cyber-attacks, are readily available threat vectors for an attack; and the generally accepted mitigation techniques in other industries are largely sufficient for creating a successful defense-in-depth strategy for precision agriculture.
Precision agriculture is unique, however, states the report. “Because it took a highly mechanical labor-intensive industry and connected it online, dramatically increasing the attack space available to threat actors. Due to this, otherwise common threats may have unique and far-reaching consequences on the agricultural industry.”
Text continues underneath image
The project uncovered potential threats to the crop and livestock sectors using the Confidentiality, Integrity, and Availability model of information security. “These threats have a potential impact to agriculture resiliency to withstand new types of disruptions which did not previously exist, or dramatically scale up the impact of legacy threats.”
Data privacy is a top concern when implementing precision agriculture. Farmers are very protective of their information, such as yield data, land prices, and herd health. Loss or misuse of the data can have dramatic financial and emotional impacts on farmers. There is also a potential reputational loss for equipment and software manufacturers. Four unique threats were identified under the confidentiality standard.
Precision agriculture has aggressively moved into “smart farming” with the introduction of massive sensor nets being built in the crop and livestock sectors. Data collection and exploitation is a valuable tool assisting in real-time farming and livestock decisions. As precision agriculture increasingly adopts equipment automation, robotics, machine learning, and edge computing, threats to data integrity are manifesting in ways never contemplated in the agriculture sector.
Farming and livestock operations are heavily equipment reliant. Major farm equipment is, a system of systems, relying on complex embedded tools, and a sophisticated suite of communication and guidance systems. Threats to equipment availability manifest from both cyber-related issues, and natural disasters. What became evident was the impact to equipment loss is very uneven and is heavily timing dependent.
While the threats to precision agriculture technologies are unique, the baseline security controls necessary to mitigate these threats are consistent with security controls in other industries.
As precision agriculture companies increasingly face technological threats, developing various controls such as incident response and physical security would provide deterrence.
The full report can be downloaded below.