Recent cyberattacks serve as a reminder that all types of businesses and industries are susceptible to attacks — including agriculture. Whether you’re a small farmer, production farmer or an agriculture cooperative, being mindful of potential cyber threats is a best practice. Ransomware attacks, which block access to a system until money is paid, are among the most common threats. Cybercriminals may be more likely to launch these attacks during critical planting and harvest seasons. This can disrupt operations, lead to financial loss and negatively impact the food supply chain.
Why cybercriminals target agriculture
There were six major cyberattacks against grain cooperatives during the fall 2021 harvest, according to a report from the FBI. There were also multiple attacks earlier in the spring. Most notable was the September 2021 attack on Minnesota-based cooperative Crystal Valley. Both their website and payment systems were shut down, forcing the cooperative to do everything by hand until systems were back online.
Cybercriminals target the agriculture industry during these critical times because victims are more likely to pay the ransom to avoid delays in production. Although ransomware attacks against the entire farm-to-table spectrum occur on a regular basis, the number of cyberattacks against agricultural cooperatives during key seasons is notable.
Ransomware is the most common type of attack against the agricultural industry, especially for large operations and cooperatives. These attacks can slow production and take over administrative functions such as websites and email systems. For example, a disruption at a meat or dairy facility could lead to spoiled products. Disruptions at a grain facility can hold up processing or logistics. We’ve already seen food system issues due to the pandemic and the war in Ukraine. Cyberattacks could further disrupt the food system and hold up supply, exacerbating the current shortage.
How you can avoid ransomware attacks
The best way to avoid ransomware and other cyberattacks is to have best practices in place. Here are a few measures agriculture cooperatives and farms can take to protect themselves from an attack.
Back up your data
Given that ransomware holds your systems and files hostage, the best way to avoid this threat is to regularly back up your data and keep password-protected versions of your files offline. Data management is critical for the agriculture industry. Because ransomware works by altering and deleting data and programs, your files should be saved in a place where they can’t be modified or deleted. A simple hard drive or storage device will work. If you run a more complex operation, you may want to consider cloud solutions for backing up and protecting data. The key is to have safe copies of everything important.
Develop a plan
No one plans to get hit with a cyberattack, but it is a best practice to have a recovery plan in place. Part of your recovery plan should include maintaining and retaining multiple copies of your proprietary data, with servers in a physically separate, segmented and secure location. Your plan should also include a detailed list of critical functions. Use this list to develop an operations plan in the event your systems go offline and are held ransom. If your operations systems are offline, your plan should consider ways to operate manually if necessary.
Keep your systems and passwords updated
It’s critical to keep your software up to date. Don’t wait to install updates and patches to your operating systems and virus protection. We also highly recommend implementing multifactor authentication (MFA). MFA is now required for most cybersecurity insurance policies. It also helps provide a second level of protection for your systems.
Passwords are one of the simplest ways to protect your operation from cybercrime. It’s a best practice to regularly require password changes. Changing your password every three months is much more secure than only changing it once a year. Avoid reusing passwords for multiple accounts and use strong pass phrases that contain random words and characters.
Focus on training and awareness
Whether you manage a family farm or a larger operation with a few employees, training and education can go a long way in preventing a cyberattack. Regularly provide users with training on information security principles and techniques, as well as emerging cybersecurity risks and vulnerabilities. Most cyberattacks begin through email, so educating yourself and those around you can go a long way in avoiding an attack. Train anyone who uses your systems on common phishing techniques that feature bogus links and attachments. Be careful when clicking on links and opening attachments, even from verified senders.
Prevention is key
The key to avoiding cybercrime is prevention. You don’t have to be a multi-million-dollar organization and have an entire IT team to avoid an attack. Simple measures such as regularly updating your systems, backing up your data and being careful about clicking links can help your operation avoid an attack. It’s also a good idea to avoid using public Wi-Fi and only access data through secure networks. A cybersecurity insurance policy is something you should consider as well. This type of policy can help cover the costs of an attack and even a ransom. Protecting yourself against cyber threats can seem like just one more thing you have to do, but given that the average cyberattack can cost $200,000, you’ll be glad you have these measures in place.