Technology has improved productivity, efficiency and communication in every industry across the globe, and agriculture is no exception. Once considered a traditionally low-tech industry, the increased use of e-mail, online monitoring tools, remote controls and payment systems – together with automated smart farming equipment such as internet-connected tractors – means the digital threat level has increased for farmers, says Carey van Vlaanderen, CEO of ESET Southern Africa.
“As is the case in many industries across the globe, a growing reliance on online, connected technologies means businesses are more vulnerable to cyber attacks. The use of smart devices, including sensors and analytics, IOT devices, robotics, drones and precision farming, have all transformed the agricultural landscape for the better. These tools also gather extensive quantities of sensitive information that could be lucrative to criminals seeking financial gain,” notes Van Vlaanderen.
In a report released in 2023, South Africa ranked number five globally in a list of countries worst affected by cyber crime. Disruptions in Transnet’s IT applications following a cyber attack brought agricultural imports and exports to a standstill in July last year. “In a world increasingly reliant on digital technology, the agricultural sector’s vulnerability to cyber attacks not only threatens individual agricultural businesses but poses a risk to national food security, making robust cyber security measures of critical importance.”
Van Vlaanderen says the threat is certainly not unique to South Africa, as a report from the University of Cambridge found that smart farming technology such as automatic crop sprayers and robotic harvesters could be hacked and the probability with which this could happen is increasing. Cyber criminals recognise the global reliance on food and agriculture as an opportunity to target the industry with cyber attacks to achieve either financial gain through ransomware or for social and economic disruption. Ransomware attacks can be particularly malicious, for example, by erasing backups or threatening to publish confidential information online as a strategy to pressure an organisation into paying the ransom with little risk of being caught and apprehended. “Today, almost every farmer and agricultural enterprise will use some form of technology to do business. For smaller businesses, simple security solutions such as the automatic updating of software, anti-virus software and multi-factor authentication are critical. However, larger more intensive farming operations using automated farming systems may require more complex security measures.”
Agriculture in general has historically been shown to have a low level of cyber security in place since attacks are not perceived as being as prevalent as in the financial sector. “There is a prevailing myth among some sectors of the South African farming community that their businesses simply aren’t an attractive target for cyber criminals. But given the vast amounts of data inherent in many agricultural activities, as well as the substantial financial transactions involved, it is preferable to take a proactive approach to digital security in the face of sophisticated cyber threats,” says Van Vlaanderen.
While addressing cyber security challenges in agriculture can be complex, she adds that there are steps agriculture firms can take to reduce their exposure, limit the damage of an existing attack and position their employees as the first line of defence. “A necessary first step in strengthening defences is to identify where critical infrastructure is vulnerable to attack. This will be different for each business. Some operations may require more investment in cloud security or vulnerability discovery, while businesses may need to extend their cyber security efforts to include safeguarding themselves from cyber threats in the form of phishing e-mails from the companies they partner with and procure from.”
With almost 88% of data breaches being caused by an employee mistake, Van Vlaanderen says a strong human risk management programme with regular employee training and cyber security awareness is a crucial element of any cyber security strategy. “Employees can be just as susceptible to cyber threats and should be reminded on an ongoing basis of the risks that are out there and the impact that it can have on them and the farming business. Humans are prone to mistakes, but these mistakes, ranging from failure to properly delete data from devices to preventable errors like clicking on links in phishing e-mails, are also preventable.”
The farming industry is vital to the world’s food industry and requires the utmost protection from cyber attacks. “From basics such as implementing password managers and using multi-factor authentication to using cutting-edge security technology to withstand an attack on big farming service companies, much more can be done to ensure farmers are supported with the very best cyber security strategies and solutions,” says Van Vlaanderen.
Source: ITWeb