See the basics that you should know about cyberattacks in agriculture so you know how to protect your ag operation.
Did you know that experts estimate that a cyberattack occurs once every 11 seconds? Such attacks put your ag operation at risk of disruptions to your operation, money loss, data breaches, and more. Unfortunately, agriculture is a popular target for cyberattacks. See excerpts from Growing Produce on a Q&A with an industry expert on cyberattacks in agriculture below and learn what they are and how to protect your ag operation.
Cyberattacks in Agriculture
Michael Moore, the Executive Vice President at EFC Systems, a provider of ag software aimed at improving efficiency and profitability, answers the most common questions related to cyberattacks in agriculture, including how to protect your business.
Q: “Is the ag industry a target for cyberattacks?”
A: “Not only is ag a target, but it is an easy target regardless of size. On average, ag retailers allocate about .6% of gross revenues towards their technology budgets. Underspending on technology makes it extremely challenging to install the necessary lines of defense to protect technical resources and opens the door for threat actors to enter your environment. As a comparison, businesses outside of ag allocate 2%-5% of gross revenues towards their technology budget and actual amounts vary based on company size and industry.”
Q: “How do cyberattacks occur?”
A: “Roughly 91% of cyberattacks originate from individuals clicking on embedded links in enticing emails that are commonly referred to as a phishing email. Once activated, harmful tools are installed on source systems that ultimately provide a gateway for threat actors to encrypt computer systems and hijack sensitive data.”
Q: “What happens during a cyberattack?”
A: “It is common for tools installed by threat actors to go undetected for weeks or months so that critical systems and sensitive data can be identified for encryption at a future date. Once complete, threat actors will encrypt data and a systematic process to shutdown systems will occur. It all starts with one user reporting some sort of cyber notice, which quickly spans throughout the entire network. Access to various systems for accounting/financial, agronomy operations, email, and other mission-critical applications are all unavailable. Eventually, a ransom notice will surface and a request to negotiate a price to restore access to systems and data will occur. During this time technology teams should be following their Incident Response Plan (IRP) to assess the damage, determine system restore points, bring up new systems on a clean network, clean infected devices, and transition from electronic to a manual/paper path to continue to serve customers. It is common to engage with outside firms for legal, forensics, and negotiation services, especially for those with cyber insurance coverage.”
Q: “Why should I be concerned about cyber threats?”
A: “The first obvious reason why cyberattacks should be concerning is generally all systems are unavailable during an attack, which creates operational challenges for every part of your organization. The second and less obvious reason is the exfiltration of data from your network can be sold on the dark web potentially exposing your customers and team members. Threat actors target sensitive data from HR and finance teams, so it is a good practice to encrypt, or password protect files that contain sensitive data to add an additional layer of protection.”
Griffin Fertilizer is committed to helping both growers and ranchers make sound agronomic and economic decisions in order to maximize the health of their grove and pasture. As a full-service custom dry & liquid fertilizer blender and crop protection product distributor, we will continue our mission to further advance Florida agriculture. For questions or concerns about your farm or pasture, contact us and one of our team will be in touch.