$60bn Aussie agriculture sector must be wary of ransomware, hacktivists

The FBI has issued a warning about hacker threats to US farmers that applies equally to Australian businesses that introduce networked machinery to agricultural processes.

Backend data management systems are not the only equipment that companies in Australia’s $60 billion agricultural sector need to protect from hackers, according to the FBI.

As networked-aided machinery, otherwise known as the Internet of Things, is integrated with production processes, these also can be exploited by hackers and could cause significant problems to an industry that traditionally hasn’t been sensitive to computer security threats.

Sunrice, a large Australian agriculture company, recently noted after purchasing hardware from US security firm Palo Alto Networks, that the devices would help it ward off file encrypting ransomware.

Farmers and agriculture firms also fall within critical infrastructure, as key suppliers of food to a nation. Like other industries, agriculture firms are venturing into new technologies, ranging from analytics to robotics, to boost productivity.

That trend introduces new cyber risks, the FBI highlights in a recently published document that zeroes in businesses that adopt precision “smart farming” techniques, singling out poorly-secured drones as a potential threat to a sector that may be naive to hacker threats.

“Historically, the farming industry has lacked awareness of how their data should be protected from cyber exploitation, likely reflecting low industry demand for adequate cybersecurity,” the FBI notes in a private industry document published by Public Intelligence.

“In fact, drone manufacturers are focused on offering low pricing structures for farmers by developing data platforms that are interoperable with legacy systems, a hallmark of networked devices with poor cybersecurity,” it continued.

The FBI urges agriculture businesses to take caution with their own network equipment and IT suppliers, such as app developers and cloud service providers.

As an example, it points out that attackers may use the same big data techniques the US government has used to forecast crop supply and prices to hack US agriculture resources and market trends.

As a recent spate of ransomware attacks on hospitals in the US have illustrated, some organisations are prone to such attacks due to the potentially high cost of lost lives if a ransom is not paid.

The FBI warned that farmers may also be targeted by ransomware or data destruction attacks, where no ransom is demanded but data is destroyed anyway.

A high profile example of the latter case is Sony Pictures Entertainment, which was subjected to malware attack, suspected to originate from North Korea, that wiped the firm’s hard drives.

In agriculture sector the FBI imagines that hacktivists may target a farm that uses genetically-modified organisms or pesticides.

The FBI urged farmers to invest in data backup processes. Since antivirus products cannot guarantee to catch all malware variants, the only way to ensure data is not destroyed or held ransom is by backing up to offline storage.

“The single most important protection measure against these threats is to implement a robust data back-up and recovery plan.

Back-ups should be maintained in a separate and secure location so that malicious actors cannot readily access them from local networks,” the FBI said.

It also recommended adopting VPN and two-factor authentication for employee logins and to monitor them for access during unusual hours.

Take this 5 minute survey on The State of Cloud Storage & Collaboration 2016 and go in the draw to win a $500 Visa credit card.

Start Survey NOW

Join the CSO newsletter!

Error: Please check your email address.

Tags hacktivistsdata back upVPNstargeted atatcksNetworked machinerycyber securityagricultureanalyticsagriculture ITfarmersdata platformhacker threatsInternet of Things (IoT)productivityIT suppliersencryptionhospitalfbiransomwarecomputer securitynetwork equipmentroboticsauthentication

More about FBIPalo Alto NetworksSonySunriceVisa

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place