Smart farms and cybersecurity - steps to protecting your agriculture business

Modern farms and agricultural operations work far differently than those a few decades ago primarily because of advancements in technology including sensors, devices, machines, and information technology. Today's precision agriculture routinely uses sophisticated technologies such as robots, temperature and moisture sensors, aerial images, and GPS technology to improve profitability, efficiency, and safety as well as creating the opportunity for more environmentally friendly operations.

With these increased opportunities comes increased risk since adoption of smart technology means farmers and food processors are exposed to cyber attacks. While there is a misconception that big corporations are typically most susceptible to attacks, the increasing digitalization within small and mid-size operations make them viable targets for criminals as well.

In 2019, the HSBC issued a warning to farmers in the UK about the risks of cybercrime. Criminals, they said, were specifically targeting the sector and have exhibited an excellent understanding about the inner workings of the industry. Attacks were likely to occur at the same time as when farmers were expecting to receive significant revenues. The criminals take advantage of peak times when their targets are busy or distracted. Some common threats are phishing campaigns, ransomware attacks, and malware.

Phishing campaigns - Phishing campaigns are among the most common cyber threats and involve malicious links sent via email. These links contain malware that—when clicked—give cybercriminals access to confidential information and the potential to manipulate digital operating systems. Compromised data can also interfere with the transportation and processing of agricultural goods.

Ransomware attacks - Ransomware is a type of malware that prevents users from accessing their system by encrypting files and then demanding a ransom to unlock the system. Cybercriminals will usually establish a deadline for the ransom to be paid. If the deadline passes, either the ransom payment increases or the files are permanently locked and lost. The cost of a ransomware attack goes far beyond the ransom being demanded. The more damaging costs that can be incurred include but are not limited to loss of data, lost profits due to downtime, reputational damage, recovery costs, and potential legal penalties.

Malware - Malware is a series of code designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Designed by cybercriminals, malware can be delivered in the form of a link or file over email, or a link on a malicious site. In both cases, an unaware user clicks on the suspicious link or opens the file to execute the malware. The most common types of malware include viruses, worms, trojans, and spyware.

Steps to protecting your business

Unfortunately, it's very common for businesses of all types to become a victim of a cyber attack, and farms are no different. And while keeping the business operations protected and running smoothly is a priority, it is important to remember that agriculture businesses play a critical role in putting food on tables. A disruption due to a cyber attack can have far-reaching consequences, but there are foundational steps that farms can take to be prepared.

Cybersecurity awareness – Awareness of cyber risks and the measures to mitigate them must start from the top. Leadership must ensure that all employees at all levels are aware of the threats and what's expected from them. Every worker, from the most senior to most junior, can pose a security risk if they fail to follow guidelines. Organization-wide cybersecurity awareness can be achieved by conducting mandatory awareness training for all staff at least once a year in addition to a thorough review of cybersecurity policies and procedures by all staff.

Backup management - An effective backup management strategy can help to mitigate the risk associated with cyber attacks such as such as a malicious attack (virus or malware) or ransomware. Backup Management refers to the process of routinely creating a copy of data that can be recovered in the event of a cyber attack or data failure. Data failures can be the result of hardware or software failure, accidental deletion of data, or data corruption. Backup copies allow data to be restored from an earlier point in time to help the business recover from a cyber attack. It is important for an organization to establish a process where regular backups are done. It is also imperative that backup data is stored away from the production environment to help ensure that any issues with your production data does not impact the data backups.

Vulnerability Assessments and Penetration Testing (VAPT) - A vulnerability assessment is the process of identifying and qualifying vulnerabilities within your current systems and infrastructure. Penetration testing is a method of assessing the security of a computer system or network by simulating an attacker's attack. This process includes an active analysis of the system for any deficiencies, technical flaws, or vulnerabilities. This analysis is carried out from the perspective of a potential intruder and will include the active exploitation of security vulnerabilities. With a completed VAPT, any identified security issues—including their threat level—are presented to the system owner. In addition, a completed VAPT may also present a risk reduction plan or technical solution. The results of a VAPT will provide the owner with the information necessary to address gaps in their cybersecurity infrastructure.

Incident response plan - An incident response plan is a set of instructions to help your organization detect, respond to, contain, and recover from cybersecurity incidents. A sufficient incident response plan offers a course of action for all significant scenarios that could occur. Some incidents lead to massive network outtages or data breaches that can impact your organization for days or even months. In the event of a cyber attack, your organization needs a thorough, detailed incident response plan to help with the execution of the appropriate steps required to limit the damage and facilitate a quick recovery.

How can BDO help?

BDO Canada's cybersecurity consultants offer cybersecurity services—ranging from threat assessment to governance and oversight control environment—across the country. We understand that cybersecurity is a priority for your organizations, particularly if you are a public entity that holds internal and external information deemed high risk for attack.

BDO aligns its cybersecurity auditing approach with the industry-leading practices and leverage our expertise in management consulting to deliver a holistic assessment report.