Ransomware attacks on grain coops may just be the start of ag sector security woes
(Malware News) – Recent ransomware attacks against U.S. grain cooperatives and a farm data platform are raising the specter of food supply chain disruptions while highlighting the economic and physical security risks of reliance on increasingly sophisticated systems to feed the world.
America’s farms have led the way in real-world applications of innovations, from self-driving vehicles to satellite imagery, so much so that many farmers are already living in the future: They rely on farm platforms that can connect information from their tractors, drones, satellites, soil samples, and public sources to map out plans for planting, which herbicides or pesticides to use, and harvests.
“Everything is connected,” explained Auburn University Professor Robert Norton, who studies food safety.
But doing this “precision agriculture” doesn’t just improve yields, it can also expose farms’ digital attack surfaces while creating a treasure trove of valuable data. And those systems and data are increasingly being targeted, including in two ransomware attacks this week, one targeting the Minnesota-based Crystal Valley Coop and another attacking NEW Cooperative in Iowa and its associated farm data service provider and platform SOILMAP.
“CISA and FBI are in close contact with NEW Cooperative and have offered assistance in supporting the company’s response and recovery,” a Cybersecurity and Infrastructure Security Agency spokesperson said in a statement to The Record. “The company is engaging proactively with CISA as the investigation progresses,” according to the statement, which described ransomware as “a longstanding global epidemic.”
The attackers may be asking for money now, but the data potentially compromised is also valuable economic and strategic intelligence. And researchers warn that the integration of insecure farm platforms with the guidance systems of farm equipment including tractors and harvesters—steel goliaths that are now high tech and extremely high-priced, with fully decked-out models easily costing hundreds of thousands of dollars—presents a physical and national security threat.
“In some ways, we are lucky that the current focus is simply extortion: at some point, a hacker is going to act maliciously to misread temperature gauges, DDoS a smart tractor fleet, or overprescribe/underprescribe fertilizers/chemicals,” Rian Wanstreet, a PhD candidate at the University of Washington and Affiliate of Harvard’s Berkman Klein Center for Internet and Society, told The Record.
“Such disruptions would be catastrophic,” said Wanstreet, who studies agriculture and technology.
Right now, there are usually still manual failsafes in processes that might prevent such attacks from causing major damage, according to Professor Bradley Miller, who teaches agronomy and leads the Geospatial Laboratory for Soil Informatics at Iowa State University. For example, self-driving tractors still have humans in the cab who can take over, he said.
But there have already been attacks on the food supply chain, including the ransomware infection that affected the U.S. plants of the world’s largest meat processor JBS in May. But the disruption was minimal in that case, in part because JBS paid the $11 million ransom almost immediately and lost less than a day of operations.
In a June 9 statement, the head of their U.S. operations described making the ransom payment as a “very difficult decision” for the company and himself personally, but one that “had to be made to prevent any potential risk for our customers.” Read Full Article >