Is ag adapting to changing cyber threats?

According to two Canadian cyber security experts, some strides have been made. Still, preparedness in agriculture is lagging behind other sectors.

Janos Botscher, lead investigator for Cyber Security in Canadian Agriculture – an initiative supported by Canada’s federal government and designed to enhance critical infrastructure protection – says he has noticed a wider shift in focus within the industry. Where once companies, farmers, and other groups were primarily concerned with data ownership and guarding data, major ransomware and other cyber attacks directed at JBS Meats, grain company Crystal Valley, and a wide range of companies in different countries had jolted many out of complacency.

I think there’s starting to be a bit more awareness as a result of media coverage

“But even back in 2021, there weren’t a lot of people we come into contact with that really had this on their radar as an issue to address. I think there’s starting to be a bit more awareness as a result of media coverage of these bigger events,” says Botschner. He adds that, in Canada at least, federal agriculture and public safety ministries have been active in raising awareness and working with industry on cyber security threats.

“We can probably expect more awareness going forward. But we have to remember it’s not as simple as one farm being attacked. We’re really talking about critical infrastructure within a system and a global environment. Agriculture and food, as critical infrastructure, has lagged other critical sectors like health, energy, mining…It wouldn’t be a surprise if we turn with greater attention to agriculture sector and food system more generally.”

Different kinds of threats

Cyber threats are themselves evolving. Ali Dehghantanha, a cybersecurity expert and professor at the University of Guelph, confirms the frequency of cyber security incidents ticks higher year-over-year. As head of the university’s Cyber Science Lab – a lab which communicates the importance of improved cyber security, shares best practices, and provides support for those dealing with cyber attacks – incident reports from Southern Ontario have increased from a handful of cases in 2019 to over 20 in just the first half of 2023.

Cyber attacks are simultaneously getting more severe as ransomware is now commonplace

The rise in reports is partially due to higher awareness, says Dehghantanha. Speaking as a whole, though, cyber attacks are simultaneously getting more severe as ransomware is now commonplace. Botschner says the same, adding AI and “ransomware as a service” – where pre-fab ransomware packages can be acquired through the dark web – has made it much easier for malicious actors to scale and drop attacks.

“Small and medium business owners with systems that are networked – they’re also potentially vulnerable in different ways. They have what we say are more threat surfaces,” Botschner says, reiterating large companies are not the only victims being targeted. From hitting in-barn systems before milking time to shutting of ventilation, there are “all kinds of ways a bad guy can dial up the pressure to make people pay a ransom.”

_{Text continues below picture}

Backed by Russia

The bad guys are themselves a diverse bunch. While most commit cyber attacks for money, actors enabled by state governments – Botschner calls them cyber “privateers” – are a major concern. Hackers backed by Russia, for example, have been identified as the source of many large-scale cyber attacks, as well as attempts to interfere in election in the United States.

“There are reasons to pay attention and be concerned about the possibility in an environment where you have heightened conflict around a certain trade deal and activity to undermine trust,” says Botschner. “The stakes are not just for Canada…it’s more and more a global food security issue.”

There’s a third category of bad actor too, and one the agriculture and food sector might want to take particular note of.

More specifically, Dehghantanha cites special interest activists and their associated groups as something to watch.

The animal [sector] is becoming more and more involved in cyber extortion activities

“The other thing I can see changing is the animal [sector] becoming more and more involved in cyber extortion activities,” he says. “It is one of the first industries that you are seeing activists try to disrupt the business…just for the sake of giving awareness or disrupting the business. Especially in swine.

“We’ve had two strikes. Attackers were not asking for money to be paid. They were asking to publicize ‘this and this and this’ information.”

The path forward

In light of the diversity of cyber threats, both Botschner and Dehghantanha say greater awareness and openness about cyber threats, as well as cooperation within the agriculture and food industry, is important. For Botschner, individuals should remember they can be targeted just like large companies, but that they “don’t have to go it alone.” He encourages being open and asking for help when incidents occur, as well as incorporating cyber security planning into overall farm management planning.

“This is just an opportunity to add to your risk management and make your farm business more secure and profitable.”