Cyber Security Concerns in the U.S. Agricultural Sector

Farm Journal logo

As is the case with every other economic sector in the United States, the agricultural and agribusiness sectors have clearly benefited from the adoption of modern internet technology, allowing businesses to improve their marketing, quality and inventory control, reduce administrative and accounting expenses, and automate certain functions.  That is also true for many farming operations, especially those using precision agriculture technology to raise row crops or conduct real-time monitoring of irrigated crops and/or livestock.

For many farms and rural businesses seeking to adopt and utilize such technology, the major constraint has been reliable access to high-speed, broadband internet.  A recent survey commissioned by the organization Broadband Now found that 42 million Americans, mainly living in rural areas, do not have consistent access to such services.  The Bipartisan Infrastructure bill, which passed the Senate during the summer and is awaiting consideration by the U.S. House of Representatives, includes $65 billion in funding to bolster such access around the country.

Cybercrime has been an increasing problem in the United States, with the Federal Bureau of Investigation (FBI) reporting that 800,000 distinct cyber attacks had taken place across the country, with losses from ransomware payments and lost productivity estimated at $4.2 billion. In recent months, public reports of cyber attacks using ransomware have started to emerge in the U.S. agribusiness sector as well.  In late May of 2021, the management of JBS, a Brazil-based multinational meatpacking company, disclosed that they had been hit by a ransomware attack on their computer systems, which forced them to shut down their facilities, which included 20 percent of the beef-packing plants in the United States and numerous pork and poultry processing facilities in states such as Texas, Colorado, Nebraska, and Iowa for several days.  The company paid the hackers, believed to be elements of a criminal gang working out of the Russian Federation, a ransom of $11 million in crypto currency to regain control over their cyber systems.

In September, similar attacks were waged on two agricultural cooperatives, the NEW Cooperative in Iowa and Crystal Valley in Minnesota, although it turned out that both organizations were able to continue at least some of their operations by reverting to paper-based transactions at their elevators and farm supply stores.

Individual farms are also vulnerable to cyber interference across many aspects of their operations.  In August 2021, a group of ‘white hat’ hackers put out a video pointing out the vulnerabilities of self-propelled tractors and farm equipment which rely on GPS signals to operate.  They demonstrated that such equipment could essentially be hijacked remotely, similar to the Tesla car whose doors were opened remotely last spring through use of a drone intercepting a wifi signal.  This exercise also showed that multiple companies producing and selling this type of equipment could be hacked, potentially exposing sensitive information about their customers.

Using such an approach, malicious actors, whether motivated by profit or ideology, could disrupt farming operations by corrupting signals from sensors that lead to incorrect levels of pesticide or fertilizer application or water in the case of irrigated crops.

Telecommunications between farms and their service providers, especially those involving transfer and analysis of farm level data, could also be targeted.  In the case of the two agricultural cooperatives targeted earlier this year, the hackers threatened to disclose sensitive financial information about the cooperatives and their customers that they had stolen from their computer networks.  A September 2021 story on the Cybertalk.org website described an unnamed U.S. farm that had experienced a cyberattack in January of this year on its internal computer network and had suffered a loss of $9 million due to the need to temporarily shut down its operations.  Other farms may have experienced similar attacks without making them public, for fear of attracting more attention to their operations.

Unlike many other sectors of the U.S. economy, the food and agricultural sector does not currently have a sector-wide clearinghouse set up to coordinate its response to cyberattacks, having abandoned its previous effort in 2008.  There are no mandatory rules in place to help companies secure their computer systems, only voluntary guidelines.  In remarks made at a Wall Street Journal Global Forum in June, Agriculture Secretary Tom Vilsack indicated the Department’s willingness to serve a convening role for industry players to sit down and lay out the steps that need to be taken to harden their computer networks against intrusion. He reiterated his concerns over the sector’s vulnerabilities in the aftermath of the attacks on the two Midwest cooperatives in September.

Individual farming operations need to take heed of the same warnings.  In a 2020 article published in the journal Computers and Electronics in Agriculture, the authors audited the computer networks of six dairy farms in Finland.  They found that many of the farm owners had installed computers and networking equipment designed for consumer use and not for business settings.  In addition, owners typically had left security measures and passwords in the factory default settings, which made the systems vulnerable to hacking.  In most cases, the computer systems were assembled as the farm expanded its needs, and were not carefully planned.

This is a set of issues that should be taken up for consideration by the House and Senate Agriculture Committees for the upcoming farm bill, if not sooner.  Cybersecurity issues should be treated with the same urgency that biosecurity issues achieved in agriculture in the aftermath of the 9-11 attacks and the anthrax attack shortly afterwards.  Colleges of agriculture should consider offering courses or even undergraduate majors in cybersecurity for agriculture, because right now there are very few people trained in this area who are familiar with the important and unique aspects of the agricultural and agribusiness sectors.

 

Latest News

DOE Rejects API Appeal on LNG Export Suspension, Ensures Review Continues
DOE Rejects API Appeal on LNG Export Suspension, Ensures Review Continues

The Department of Energy (DOE) has declined a request by the American Petroleum Institute (API) and others to lift the suspension on new liquefied natural gas (LNG) export approvals.

Oil Testing Offers Value: Like a Blood Test for Tractors and Combines
Oil Testing Offers Value: Like a Blood Test for Tractors and Combines

Oil and fluid testing answers both short- and long-term questions about the internal condition of engines, transmissions and hydraulic systems.

Airplane
Still Waiting on SAF Announcement

While the White House aims to boost production of SAF, it has faced challenges in defining rules for tax credits, particularly for crop-based forms of the fuel.

Corn Prices Higher After USDA's Bullish Reports, Soybeans Flat: Where Do the Markets go Now?
Corn Prices Higher After USDA's Bullish Reports, Soybeans Flat: Where Do the Markets go Now?

Grains end mixed with strong gains in corn in reaction to USDA's 90 million acre estimate and lower than expected stocks. But how much higher can corn go? Garrett Toay, AgTraderTalk, shares his thoughts.

Where Did All the Corn Acres and Principal Crop Acres Go? The Two Biggest Questions from USDA's Big Prospective Plantings Report
Where Did All the Corn Acres and Principal Crop Acres Go? The Two Biggest Questions from USDA's Big Prospective Plantings Report

USDA says farmers intend to plant 90 million acres of corn this year, which is lower than the trade expected prior to USDA's big Prospective Plantings report.

USDA Shocks the Markets with 90 Million Corn Acre Estimate:  Where do Corn and Soybean Prices Go From Here?
USDA Shocks the Markets with 90 Million Corn Acre Estimate: Where do Corn and Soybean Prices Go From Here?

USDA provides bullish reports for corn, but neutral to bearish for soybeans and wheat. Brian Splitt, AgMarket.Net, has details.