A SOUTHWESTERN ONTARIO farm recently made news after a ‘ransomware’ cyberattack. While in this case, the hackers demanded a public admission of alleged pig mistreatment, cyberattacks are usually about money. Ransomware attacks, where infiltrators gain access to your data and prevent your access until a sum is paid, are the most common type of cyberattack today. Farms are not immune.
“Any business making money, whether in farming or not, is a target,” explains Dr. Ali Dehghantanha, Canada research chair in cybersecurity and threat intelligence at the University of Guelph’s Cyber Science Lab. “Regardless of your farm size, type, or location, if you are vulnerable, you will be attacked. The good news is that there are many helpful resources for farmers now available so that you can educate yourself and take action.”
One farm cyber-vulnerability, notes Dehghantanha, lies within the sensor networks now in widespread use — networks that can be accessed remotely by attackers. Dr. Lenore Newman, director of the Food and Agriculture Institute at BC’s University of the Fraser Valley, agrees. “Cyber-terrorists will target any farm with significant automated systems, even tractors and other ‘firmware’ in sectors such as grain. Farm equipment is extremely valuable and thus vulnerable to hacks.”
Dehghantanha advises ensuring all your farm’s IT services have two-step verification, updating all your systems promptly when requested (these updates often address a newly discovered security vulnerability), and regularly changing your passwords. At the same time, he urges awareness that IT vendors can only provide, and are only legally liable, for limited cybersecurity. “Attackers are using the gap between what your vendor provides and what you do or do not provide,” he says. “Ask vendors about the cybersecurity measures they are taking to protect your data and install recommended malware programs. There’s also a vulnerability issue in that everyone on the farm should know to call your IT provider immediately if something out of the ordinary has happened. Waiting to call is a big mistake.”
Email is another vulnerability, notes Brenda Miller-Sanford, manager of administration at Grain Farmers of Ontario — and attackers are becoming more advanced with its misuse. “Despite users having spam filters in place, attackers continue to find ways to get their emails through,” she reports. “They’re also getting more creative with their emails, making them look more authentic and targeted to the individual. Another tactic is brute force attacks on user accounts where consistent attempts are made to try and get the user ID and password. This highlights the need for longer and more complex passwords.”
To address cybersecurity concerns, Grain Farmers of Ontario has put multiple layers of data security, including 24/7 monitoring for suspicious activity and multi-factor authentication. A security risk assessment was also completed recently under the National Institute of Standards and Technology ‘Cyber Security Framework,’ which generated a long-term roadmap to address potential vulnerabilities and strengthen overall security protocols to reduce threat risk. “In July, we launched an employee security awareness training program,” adds Miller-Sanford, “with the goal of helping staff identify phishing, social engineering, and malware threats.”
According to Dr. Janos Botschner, a research associate at the Saskatchewan-based Community Safety Knowledge Alliance, a great deal of cyber-vulnerability lies in the human beings operating any business. The vast majority of attacks succeed through manipulating staff members who click on a link in a ‘phishing’ email,’ for example, or fail to notice a threat.
Botschner and his colleagues continue to work on the ‘Cyber Security Capacity in Canadian Agriculture’ project, expanding its reach, building more awareness about risks, and practical steps that address those risks. “We’ve also been engaging and collaborating with key agri-food stakeholders and other technical experts in our network to further this work,” he says. “For example, during this time, some of our colleagues at the Cyber Science Lab have identified and responded to a growing number of incidents targeting producers. Their findings are informing the work we do with producer organizations and commodity groups.”
Cybersecurity is a real issue that represents a threat to Canadian farmers, rural communities and domestic food security, says Botschner, but there are concrete things people can do to improve preparedness across the food system. “Dialogue and collaboration will be essential,” he asserts. “It’s also important to bear in mind that good cybersecurity practices can benefit farm businesses in a variety of ways. We’ve been encouraged to see a growing level of interest from government, major commodity associations and producers themselves, about this.”
- Put an official cybersecurity policy with standard operating procedures in place.
- Do not use public Wi-Fi for any personal or farm business without protecting yourself (for example by using a virtual private network – VPN – which encrypts data in transit).
- Work with a reliable IT firm to create adequate ‘firewalls’ and to separate networks for your farm business and home/family use.
- In the case of a ransomware attack, remember there is no guarantee that if you pay the ransom, you will get your data back. Paying may encourage repeat attacks. Instead, be proactive and create a recovery plan.
- Create a recovery plan using data backed-up in a secure off-site location. Start with critical business data and systems. “Take some time to sit down with your team and think through what you would do, and who would do what,” says Botschner. “Then, document this in more than one place, that you can get to if you need to. Also keep track of who has access to your most critical systems, and how they can access them. Update these authorizations, as needed — for example, if a worker leaves your employment.”
- Preserve all evidence. Report cybercrimes to law enforcement (this includes local police and the Canadian Anti-fraud Centre) and others who may be affected by the breach such as your suppliers or customers.
- Learn from the incident. Work until you understand exactly what happened, then take steps to increase prevention.
- Recognize that cybersecurity is an ongoing activity, similar to other required ongoing activities on the farm.
Community Safety Knowledge Alliance cybersecurity brochure: https://cskacanada.ca/wp-content/uploads/2022/01/Brochure.pdf?mc_cid=f86d02d3e3&mc_eid=c2c43a23a7
Justech: https://www.justech.ca (free breach reporting system)
Go Phish: https://getgophish.com/ (training to recognize phishing emails)
Cybersecure Catalyst: https://www.cybersecurecatalyst.ca/
The Canadian Cybersecurity Tool: https://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/cbr-scrt-tl/index-en.aspx (self-assessment tool and other resources)
The Canadian Food Innovation Network provides a lot of resources: https://www.cfin-rcia.ca/blogs/yodl-master-cfin/2022/12/13/cybersecurity-in
Canadian Agri-Food Automation and Intelligence Network: https://caain.ca/news-and-events/cyber-security-how-to-protect-canadian-agriculture-from-a-growing-challenge/
Password strength test: https://www.komando.com/security-privacy/check-your-password-strength/783192/
The University of Guelph Cyber Science Lab offers a for-fee support service for those managing cyberattacks and cybersecurity: https://cybersciencelab.com/ •