From the 2017 Bega Cheese and Cadbury Tasmania attacks to the Talman wool auction system, Lion Dairy and most recently, the JBS attacks, we have seen a rapid rise in agricultural supply chains being targeted by cyber hackers.
JBS, for instance, was even forced to pay AUD $14 million to regain control of its systems—an outcome the company could not have imagined even a week prior to the ransomware attack.
According to ABS statistics, the agricultural industry was the fifth most likely to be targeted by cyber hackers and to face cyber breaches in 2020.
The same survey showed that it was also the fifth least likely industry to invest in cybersecurity in the same year.
The question remains, however, why is the agriculture industry being targeted?
Is it a unique vulnerability or is it a threat that other traditional industries with classic supply chain mechanisms can expect to face in the future as well?
Why are cyber hackers targeting agri-businesses?
The agriculture industry and the businesses in its periphery have been some of the biggest adopters of technology in the recent past. Studies show that there has been a 300% increase in the number of Australian agribusinesses that have adopted cloud-based technologies.
Innovative technologies such as radio frequency identification, precision agriculture, drones, IoT, cloud computing, sensor monitoring and smart machines have been embraced by the agriculture industry.
This rapid adoption has increased vulnerabilities that cyber hackers can leverage; concurrently, the agri-industry has also failed to improve its cybersecurity to accommodate the specific risks and vulnerabilities new systems and technology pose.
Supply chain cyber attacks are a low-cost-high-return model for threat actors
75% of the large-scale, high-profile supply chain cyber attacks that occur are believed to be conducted by five to six organised groups with hundreds of people working for them all over the world.
These organisations have people working for them for as low as $2 an hour, so they can afford to observe mailboxes for months to gain access to credentials and have dedicated groups dedicated to making scam calls and phishing campaigns.
If they can find a middle man or active credentials to use, attackers intercept invoices of businesses, deny access to their IT systems, and disrupt the larger supply chains they are a part of and force these businesses to pay large ransoms.
Can the agricultural industry prevent supply chain cyber attacks?
The Australian government has put together a framework that includes eight measures, which, if adopted, can reduce a majority of the vulnerabilities business IT systems and networks possess.
The essential eight include:
- Application control to prevent non-authorised applications from executing. This prevents unapproved applications that might have malicious code from executing or entering systems.
- Configure Microsoft Office macro settings to allow only vetted and approved macros and provide only limited write access. This is because MS Office macros can be used to deliver and execute malicious code.
- Use the latest versions of patch applications such as Flash, MS Office, and web browsers. Security vulnerabilities on these applications can be used by hackers.
- User application hardening can block Flash and Java applications on the internet as they can be used to deliver and execute malicious code.
- Restrict administrative privileges to OS and applications based on the specific duties an individual has to perform. This can limit the extent of a breach if one occurs via access through employee credentials.
- Multi-authentication for VPN, RDP, SSH and other activities such as accessing important data repositories.
- Patch operating systems to ensure you’re using the latest version of your OS and don’t use unsupported versions.
- Daily backups will ensure that you can access your data and information following a cyber breach.
Can the agriculture industry adapt to the increasing threat of cyber attacks?
The recent string of attacks has been an eye-opener that the industry needs to address in order to secure its digital resources. Simple measures such as whitelisting and password management can minimise many of the avenues cybercriminals would otherwise be able to exploit.
Going forward, agribusinesses and other industries can look to adopt blockchain systems instead of the cloud-based systems they currently use.
But most importantly, to face the threat of cybercrime, employees need to be educated about its dangers and taught the steps to ensure a safe and secure cyberspace.