When I was at Purdue as undergraduate, my major was Ag Econ. I focused on sales and marketing, and really enjoyed it. Back then, the only stress us students we really were just to study hard, make sure that we got the best grades possible, getting a summer internship, and of course graduating with some kind of job in our hands.
Back then, all the students could talk about was getting back to the family farm, or pursuing what ever ag related goals they had in mind, even if it was to start their own consulting company. Smartphones were never heard of, Cyber threats hardly existed, and really, the only form of technology I had to work with the Krannert School’s of Business PCs which were outfitted with Windows 3.1
Fast forward a couple of decades later, now we are faced with a Cyber threat landscape that seems to have no beginning or an end. It’s like a faceless giant. It seems that every facet of our life, whether it is physical or digital, is being affected.
Now, it seems like the farming sector is being affected by the Cyber attacker as well, with the emphasis being that on what is called “precision agriculture”.
What exactly is it? Well, it is a combination of various technologies that make use of the following:
*Global Positioning Systems (GPS);
*Various other forms of sophisticated communications systems.
In turn, these tools are used to generate Big Data sets, from where unseen trends can be discovered and analyzed to aid in making more efficient current farming methods. The Cyber threats that are involved hear include the theft of personal and confidential data, other sensitive resources, and even the theft and/or the total destruction of equipment.
These findings came about from extensive field research that the DHS conducted when they visited farms and other precision agriculture firms across the United States. In the past, farmers had to manually calculate what the proper mix of agricultural and livestock inputs were needed in order to lower costs and improved yields.
But now, they have the technology that automates this entire process, and even this is at risk as well to a Cyber-attack.
In its warning, the DHS even stated that those third parties that have contracts or other types of business relationships with the precision agriculture industry are also at grave risk, because of the proprietary information/data that is currently shared.
However, the precision agriculture industry is different that some others, in that it still tends to be highly mechanical, and labor intensive in nature, but now just started to make traction into the online world.
The Cyber-attack surface is much larger, and unlike others, it will take a much longer time to decrease. Thus, as the DHS states, “threats that would otherwise be viewed as common, may have unique and far-reaching consequences on the agricultural industry.” (SOURCE: https://www.securityweek.com/dhs-warns-threats-precision-agriculture).
But to make the picture even gloomier, the precision agriculture industry is also prone to other macro level attacks, such as:
*Intentional theft of data;
*Intentional publishing of confidential information;
*Access to unmanned aerial system (UAS) data;
*Sale of confidential data;
*Falsification of data for disruption purposes;
*Introduction of rogue data to damage a crop or herd;
*Disruption to positioning;
*Navigation, and timing (PNT) systems;
*Disruption to communication networks;
But, if there is any good news out of this, the research that was conducted by the DHS made of the fact that the precision agriculture industry faces to some extent, the same kinds of Cyber threats that all industries typically face, such as:
*Exposure of network ports;
*The theft personal and confidential information/data;
*Attacks to wireless devices.
So, in theory, what ever defenses other companies have taken to a certain degree, should work here as well.
My thoughts on this?
Based from the education that I had, the US Agriculture Industry is a gargantuan one, with many suppliers, and third parties that are involved with our food production systems. Even more complex are the processes and the supply and logistics chains that are involved. So, this begs the question yet again, should the Agricultural Industry be treated as a Critical Infrastructure as well?
I wrote about this very same topic on Saturday, as to how China was able to implant micro sensors into servers that Amazon and Google make use of. Again, changing up an entire industry will mean revamping it all over again in order so that it will fit the definition of what a Critical Infrastructure is.
But maybe in this case, perhaps the entire Agriculture Industry may not have to be revamped, just certain parts of it, so that our food supply will remain at least safe. I for one don’t want to wake up one morning and find out that China has now tampered with that.