Cyberattacks Give Food Security a Bad Taste

Image credit: iStockphoto/champja

IoT and digital technologies are vital for the future of agriculture and food production, yet they could also be a risk as a vector for digital havoc.

A BI Intelligence survey predicted that the agriculture industry was using 75 million IoT devices in 2020, and the adoption rate wasgrowing 20% annually. At the same time, the global smart agriculture market size is expected to triple by 2025, reaching USD15.3 billion from just over USD5 billion in 2016.  

In Australia, the National Farmers Federation has a goal for the nation’s agriculture industry to be worth AUD100 billion by 2030. Still, to get there, the industry will need to implement the digital tools of smart farming as widely as possible.

While that is also forecast to create a vibrant agtech industry, with solutions that can be exported worldwide, all that could be at risk if the food supply becomes a battlefield for cyber warfare.

The agricultural sector was the sixth most likely to record a data breach last year in Australia. Common attacks are data breaches, ransomware, phishing, scam emails, and malware.

In 2020 ransomware stopped Australian wool sales and milk deliveries for Lion Dairy & Drinks. In May 2020, a cyberattack on global meat processor JBS sent home thousands of workers in its 47 facilities across Australia. REvil, the “as a service” ransomware Russian group behind the attack, said they would continue to target the agricultural sector and its supply chains.

A different kind of crop

This week, a new study shows that while smart technologies raise global agricultural production, they could also “reap a crop of another kind – cybersecurity attacks.”

Modeling at King Abdulaziz University in Saudi Arabia, Aix-Marseille University in France, and Flinders University in South Australia highlighted the risks, and these were published in a new article in the open access journal Sensors.

“Smart sensors and systems are used to monitor crops, plants, the environment, water, soil moisture, and diseases,” says lead author Professor Abel Alahmadi from King Abdulaziz University.

“The transformation to digital agriculture would improve the quality and quantity of food for the ever-increasing human population, which is forecast to reach 10.9 billion by 2100.”

Researchers warn that this progress in production, genetic modification for drought-resistant crops, and other technologies are prone to cyber-attack, particularly if the agtech sector doesn’t take adequate precautions like other corporate or defense sectors.

“We should not overlook security threats and vulnerabilities to digital agriculture, in particular, possible side-channel attacks specific to ag-tech applications”

At Flinders University in South Australia, researcher Dr. Saeed Rehman says the rise of internet connectivity and smart low-power devices has facilitated the shift of many labor-intensive food production jobs into the digital domain. This includes modern techniques for accurate irrigation, soil and crop monitoring using drone surveillance.

“However, we should not overlook security threats and vulnerabilities to digital agriculture, in particular, possible side-channel attacks specific to ag-tech applications,” says Rehman.

“Digital agriculture is not immune to cyber-attack, as seen by interference to a U.S. watering system, a meatpacking firm, wool broker software, and an Australian beverage company.”

“Extraction of cryptographic or sensitive information from the operation of physical hardware is termed side-channel attack,” adds Flinders co-author professor David Glynn.

“These attacks could be easily carried out with physical access to devices, which the cybersecurity community has not explicitly investigated.”

The researchers recommend investment into precautions and awareness about the vulnerabilities of digital agriculture to cyber-attack, with an eye on the potentially severe effects for the general population in terms of food supply, labor, and flow-on costs.

Slow to respond

The industry, however, seems unprepared.

In Australia, a nationwide approach to tackling the issue involves industry group AgriFutures Australia and cybersecurity experts, BDO Australia, and rural research and development corporations.

The project’s survey of more than 1,000 agricultural operators recently found they were underprepared for cyberattacks. Many farmers underestimated their supply chain data breach risks, focusing their security efforts instead on activists and competitors.

Just one in six operators said they had a cybersecurity incident response plan. Many said they didn’t know where to go for help after a cyberattack in the survey.

The use of blockchain technology is one way of combatting cyber threats, but blockchain projects are only now gaining momentum in the agricultural sector.

These projects have had food provenance and traceability as their core business case. Still, cyber security is rapidly escalating up the list of priorities as the industry prepares for the advantages, and risks, of a digitized future.

Lachlan Colquhoun is the Australia and New Zealand correspondent for CDOTrends and the NextGenConnectivity editor. He remains fascinated with how businesses reinvent themselves through digital technology to solve existing issues and change their entire business models. You can reach him at [email protected].

Image credit: iStockphoto/champja