By Tim Alexander
PEORIA, Ill. - The chief of the Department of Homeland Security’s (DHS) Strategic Defense Initiatives had a clear message during his recent presentation at the Peoria County Farm Bureau auditorium: if you haven’t already, it’s time to safeguard the confidentiality, integrity and availability of information associated with your high-tech farming equipment and online business records.
Jim Platt, who leads the DHS’s efforts to reduce the risk to the nation’s infrastructure created by overdependence on Global Positioning Satellite (GPS) systems, told the few dozen farmers on hand for his July 28 presentation that it’s important to maintain and protect embedded and digital tools used in precision agriculture, and to make sure they understand their equipment and device security features and capabilities.
“It’s not about having Fort Knox,” said Platt, a retired Army lieutenant colonel and member of the military police. He played a primary role in the development of Presidential Executive Order 13905, Strengthening the National Resilience Through Responsible Use of Positioning, Navigation and Timing Services. “It’s about having enough defenses out there that when people look at your system, they go somewhere else.”
During his unclassified brief to the Peoria County Farm Bureau membership, Platt pointed to the June 2021 cyber attack against the JBS packing plant, which serves 28 states and is the world’s largest meat supplier, as a wake up call to the nation’s food and agriculture industries. The breach, which involved more than 45 GB of data being exfiltrated by a ransomware group, also served to call attention to other cybersecurity threats to modern agriculture. They include new crop and livestock vulnerabilities created by the adoption of advanced precision agriculture technology and farm information systems.
“The information management and cyber threats facing agriculture’s embedded and digital tools are consistent with threat vectors in all other connected industries, and the malicious actors are typically the same,” said Platt, before offering advice on how to keep hackers and ransomware threats away from business computers and GPS-driven farming equipment.
“You’ve got to think of those key functions of your business that you need to keep operating, and if they’re automated you have to protect them. They may not go after your tractor; they may go after your customer base,” he said. Platt suggested a number of cyber hygiene measures for farm business computers and devices. They included securing networking systems by implementing firewalls on routers, making sure all accounts have strong, updated passwords and making sure to test data recovery and backups.
Platt recommended farmers take the Cybersecurity Infrastructure and Security Agency’s (CISA) Ransomware Readiness Self Assessment, available at www.cisa.gov/stopransomware/cyber-security-evaluation-tool-csetr, to determine what may be lacking in current personal computer and systems malware prevention tools.
“There are a million threats out there every day, and most of them revolve around money, the biggest driver behind all this,” Platt said.
According to the DHS and the Federal Bureau of Investigations (FBI), cyber attacks on the agriculture industry are on the rise. In addition to last year’s JBS cyber attack, a string of ransomware attacks targeted grain cooperatives beginning in September and October 2021. A number of attacks have also targeted grain co-ops and other food and agriculture supply chain players in 2022, the FBI recently reported. And in May 2022, AGCO-Fendt fell victim to a ransomware attack that impacted some production facilities by shutting down production lines for several days.
An online CISA resource, www.cisa.gov/shields-up, offers up-to-date cybersecurity news and alerts, guidance in preventing and detecting potential intrusions, ransomware response options and more. “This is a new initiative by DHS. Right after the war between the Russians and the Ukranians (began), we saw a bunch of cyber attacks taking place and we wanted to make sure the owners and operators of critical infrastructure have access to what these threats are,” Platt said.
According to CISA, Russia’s invasion of Ukraine includes malicious cyber activity against the United States and its allies, likely in response to the unprecedented economic sanctions imposed on Russia.
“Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks. Every organization – large and small – must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack,” states the CISA Shields Up webpage.
Suspicious cyber activity and/or cyber incidents should be reported to CISA at firstname.lastname@example.org or by phoning 888-282-0870.