• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Cybersecurity Guide

  • Bootcamps
    • CISSP
    • CCNA
    • CEH
    • Comptia+
  • PROGRAMS BY STATE
    • Alabama
    • Alaska
    • Arizona
    • Arkansas
    • California
    • Colorado
    • Connecticut
    • Delaware
    • Florida
    • Georgia
    • Hawaii
    • Idaho
    • Illinois
    • Indiana
    • Iowa
    • Kansas
    • Kentucky
    • Louisiana
    • Maine
    • Maryland
    • Massachusetts
    • Michigan
    • Minnesota
    • Mississippi
    • Missouri
    • Montana
    • Nebraska
    • Nevada
    • New Hampshire
    • New Jersey
    • New Mexico
    • New York
    • North Carolina
    • North Dakota
    • Ohio
    • Oklahoma
    • Oregon
    • Pennsylvania
    • Rhode Island
    • South Carolina
    • South Dakota
    • Tennessee
    • Texas
    • Utah
    • Vermont
    • Virginia
    • Washington
    • Washington, DC
    • Wisconsin
    • West Virginia
    • Wyoming
  • CERTIFICATIONS
    • Certified Information Systems Auditor (CISA)
    • Certified Ethical Hacker (CEH)
    • Certified Information Security Systems Professional (CISSP)
    • Certified Information Security Manager (CISM)
    • Digital Forensics Certifications
    • Security+
    • CompTIA Advanced Security Practitioner (CASP+)
    • Certified Network Defender (CND)
    • OSCP
    • CRISC
    • Pen Testing
    • CTIA
    • Cryptography
    • Malware Analyst
  • DEGREES
    • associate’s in cybersecurity
    • bachelor’s in cybersecurity
    • master’s in cybersecurity
    • cybersecurity analytics degree
    • Computer science with cybersecurity emphasis
    • MBA in cybersecurity
    • phd in cybersecurity
    • cybersecurity law degree
    • master’s in information security
    • Cybersecurity engineering master’s
  • ONLINE PROGRAMS
    • Online Certificate in Cybersecurity
    • online bachelor’s in cybersecurity
    • online IT degree
    • online master’s in cybersecurity
    • Online master’s in information security
    • online phd in cybersecurity
  • CAREER GUIDES
    • Security Engineer
    • Chief Information Security Officer
    • Security Analyst
    • Computer Forensics
    • Security Consultant
    • Digital Forensics
    • Cryptographer
    • Security Administrator
    • Penetration Tester
    • Security Software Developer
    • Security Specialist
    • Security Code Auditor
    • Security Architect
    • Malware Analyst
    • Data Protection Officer
    • Cybercrime Investigator
    • Cryptanalyst
    • Security Incident Responder
    • Chief Privacy Officer
    • Risk Manager
    • Network Administrator
    • Business InfoSec Officer
    • Information Security Manager
  • Experts
  • RESOURCE CENTER
    • Job Guide
    • Veteran’s Guide
    • Women’s Guide
    • Certification Guide
    • Internship Guide
    • Security Clearance Guide
    • Ethical Hacker Guide
    • Coding for Cybersecurity Guide
    • Cybersecurity 101
    • Student Guide to Internet Safety
    • Scholarship Guide
    • Cybersecurity Math Guide
    • Small Business Guide
    • COVID-19 Guide
    • Cybersecurity for K-12 students
    • Career Networking Guide
    • What is a Cyber Range?
    • Code Like a Hacker
    • Reacting to a Cyber Incident
    • Introduction to Cyber Defense
    • Cybersecurity Courses Online
    • Recommended Reading
    • Cybersecurity Jobs Report
    • Phishing Attacks
    • Cybersecurity Responsibility
    • How to Get Into Cybersecurity
    • Cyberwarfare
    • Cybersecurity Insurance
    • Job Interview Prep
    • Readiness Economy
  • Industries
    • Financial Sector
    • Insurance Sector
    • Healthcare Sector
    • Environmental Sector
    • Energy Sector
    • Government Sector
    • Transportation Sector
    • Food and Ag Sector

Cybersecurity in the food and agriculture industry

Written by Steven Bowcut – Published: September 16, 2021

It’s hard to think of a more critical economic sector than agriculture. It is an industry that directly affects the lives of everyone worldwide.

The future of the food and agriculture industry will increasingly see the application of scientifically precise and automated farming techniques. Automated ‘agro-bots’ will monitor, treat, and work the land, using high-tech tools designed to help maximize yields and minimize disease.

The advances in agriculture-related technology have brought along with them an increase in cyber threats. Before the rise of multinational consolidated agribusinesses, much of the world’s food was produced by small farmers and ranchers serving a local community. Today the same economies of scale that have fueled the rise of large corporations in other sectors are applied to food production and distribution. These economies of scale are dependent on automation. 

Historically the food/ag sector has not been a notable target for cybercriminals. Today, however, threat actors see the world’s dependence on a well-established food supply chain as an opportunity to use malware, such as ransomware, as leverage to achieve their nefarious aims. 

These aims are commonly financial gain but also include acts of political terrorism and social hacktivism. There is still work to be done in areas where the food/ag sector has been lax in its cyber protection policies and procedures. 

Cybersecurity issues in the food/ag industry

The food and agriculture industry covers a broad spectrum of companies that provide a variety of products and services. Large farms and ranches use automated and connected systems for everything from tractor autosteer systems to crop moisture testing to automated distribution warehouses. 

Many of the companies that make up the nation’s food supply chain are interdependent. A stoppage or slow down during harvest season, for example, can reverberate throughout the entire industry as food processing plants and distribution networks feel the effects of events that may have happened weeks or months earlier. Retail stores and restaurants need an easily accessible and reliable source for food products. Any disruption can result in price spikes or shortages that affect people’s lives. 

As seen in the examples of previous cyberattacks in this sector, the world’s food supply chain is fragile and dominated by a relatively small number of large food companies. Because cyber threat actors aim to shut down production, thereby threatening people’s lives, food production networks and food company business networks are at risk. 

Shutting down any massive food production or distribution business creates an intolerable condition that provides the cybercriminal with an insurmountable advantage. Companies and authorities know that they must resolve the situation quickly to avoid societal turmoil. The need for the victim to act soon works to the criminal’s advantage. 

Notable food/ag industry attacks

JFC International: In March 2021, JFC International revealed that it had been hit by a ransomware attack that disrupted several of its IT systems. JFC is a major distributor and wholesaler of Asian food products and serves the European and US markets. The company said the attacks impacted JFC International’s Europe Group. They were able to resume normal operations soon after notifying law enforcement, employees, and business partners about the incident.

Loaves & Fishes: Nonprofit food provider Loaves & Fishes offers nutritionally balanced groceries to individuals and families experiencing a short-term crisis through a network of mobile “drive-through” style food distribution sites. In August 2020, they announced that sensitive customer information was exfiltrated during the more widespread Blackbaud attack. Blackbaud, a provider of software and cloud hosting solutions, stopped a ransomware attack from encrypting files but still paid a ransom demand to keep the hackers from publishing protected information about their clients – one of whom was Loaves & Fishes. Blackbaud said they have no evidence that the data was sold online, but the potential exists for that to happen at any time. 

Home Chef: Owned by Kroger Foods, Home Chef is a startup that provides food ingredients, meal kits, and recipes to its customers. Security researchers said in May 2020 that they found usernames and passwords belonging to Home Chef users for sale on the dark web. Soon after, the Chicago-based company said a security incident had resulted in the compromise of information about an undisclosed number of its customers. This type of security event poses no danger to the food supply but is a risk to consumers of these services. 

Harvest Sherwood Food Distributors: In May 2020, data that surfaced on a Tor hidden service called the Happy Blog indicated that hackers deploying REvil ransomware attacked Harvest Sherwood Food Distributors. The attackers stole critical data from the company and threatened to disclose it publicly. REvil is the same ransomware that is later used against JBS Meats. The attackers managed to steal around 2,600 files from the food distributor. The stolen data included cash-flow analysis, distributor data, business insurance content, and vendor information. There were also scanned images of driver’s licenses of people in the Harvest Sherwood distribution network.

Case Study: Meatpacker, JBS

Over the Memorial Day weekend 2021, the world’s largest meat company, JBS, was the victim of a ransomware attack that originated from a criminal group based in Russia. The attack crippled a large portion of the meat supply chain, sending shock waves across the entire food industry. 

The FBI confirmed that the REvil ransomware was used in the cyberattack. The attack stopped operations at thirteen meat plants, including JBS facilities in Colorado, Iowa, Minnesota, Pennsylvania, Nebraska, and Texas. This type of ransomware has been linked to GOLD SOUTHFIELD, a financially motivated group that operates a “Ransomware as a service” criminal enterprise. The group distributes ransomware using exploit kits, scan-and-exploit techniques, RDP servers, and backdoor-ed software installers.

The JBS hack set off a domino effect that quickly spread across the entire country. Wholesale meat prices soared as the balance between supply and demand immediately became out of whack. Farms and ranches could not get their animals to market, and the resulting oversupply drove wholesale prices down. Restaurants and resellers could not get processed and packaged meat. The corresponding scarcity drove consumer prices skyward. 

The deleterious effects of this attack on only one portion of the global food supply chain illustrate how fragile our food supply is. Restaurant owners were already hard-pressed to find reliable meat sources as the world opened up after the Coronavirus pandemic. 

With the stakes high because of the need to maintain a stable food supply, JBS felt it necessary to acquiesce to the hacker’s demand and pay the ransom. After negotiating with the hackers, JBS paid the criminals $11 million in bitcoin. 

Many would argue that meeting the demands of ransomware hackers only exacerbates the problem for everyone going forward. But, because of JBS’s quick action, in the end, they “lost less than one day’s worth of production, and that its rate of filling customer orders was only 3% below the normal level, less than the impact the company might see from a severe storm,” according to a WSJ report. 

What makes cybersecurity challenging within the food/ag industry?

One of the main reasons Americans think little about threats to and the fragility of the food supply chain is because it ordinarily runs so smoothly. As a result, even though the nation’s food supply chain is one of the 16 critical infrastructure sectors designated by the Department of Homeland Security, it receives comparatively little attention from security professionals compared to other sectors like airline security or the power grid. 

The food and agriculture industry is highly dependent on automation to keep prices low and distribution running smoothly. The systems that enable automation are often thought to be at a lower risk for cyber-attack because they can be insulated from the internet with dedicated or segmented networks. 

This perception that an air gap exists between automated food processing systems and the internet is a red herring argument. Rarely are these systems completely isolated, and even when they are, there is always a need to update the operating system and production software. Vulnerabilities can be introduced during the update process, as happened during last year’s Solar Winds attack. A false sense of security increases the risk of attack. 

Even if the automated systems that power food production factories were isolated entirely from the internet hypothetically, attackers do not need to access these systems to stop production. As the JBS Meat ransomware attack illustrates, by shutting down the business operations of a food provider, their ability to continue production ceases. 

The food/ag sector has embraced production automation technology and digital business systems faster than they have modernized their cybersecurity operations. Some experts theorize that this is because, until the recent proliferation of ransomware that makes any business a likely target, the food/ag industry has largely evaded attention from cybercriminals. 

Cybersecurity solutions for the food/ag industry

As mentioned above, the food/ag industry may, generally speaking, need to make up some ground related to cybersecurity. There are steps that many companies in this sector can take to protect themselves from threats. 

Similar to any business that produces, stores, or processes sensitive data, here are some important ways that food/ag companies can shore up their cyber defenses:

Cybersecurity training: Possibly the most effective measure that food/ag businesses can take to protect themselves from cyber-attacks is to provide cybersecurity training for their employees. The vast majority of attacks begin with an element of social engineering — usually an email. Modern phishing emails can be very difficult to distinguish from legitimate emails. By training employees to be ever-vigilant in recognizing the telltale signs of a phishing email, users can act as a practical first level of defense. 

Backup data: Ransomware in the food/ag industry depends on the ability of threat actors to plant malware designed to deny organizations access to their critical data. By locking food producers out of their business systems, attackers can throttle their ability to operate. Having a current backup is the most practical mitigation strategy to prevent ransomware criminals. Backed-up data should be isolated from the original files to deter attackers from encrypting or exfiltrating both the original and backup copies. 

Network segmentation: By segmenting production from business networks and dividing them into smaller parts, food/ag IT managers can increase security. Logically divided, portions of a company’s infrastructure can be isolated if suspicious behavior is detected on another part of the network. As mentioned above, even segmented infrastructure is vulnerable to malware introduced to a portion of the network, for example, when updating programs. Segmenting, however, can prevent malicious software from spreading throughout the entire business.

Endpoint anti-malware software: Malware is intended to cause damage, steal data, encrypt files, or gain unlawful access into digital systems. Because of the critical nature of the food/ag sector, it is the cyber threat faced most often by these organizations. Malware describes numerous malicious software variants, such as trojans, worms, and ransomware. 

Anti-malware software applies signature detection, behavioral analysis, and, in some cases, artificial intelligence to remediate an attack by disabling malware. It is crucial to have anti-malware software installed on every digital endpoint of a network. In today’s world of BYOD (bring your own device) workplaces, ensuring that updated anti-malware is properly installed across all devices with access to the network can be challenging. 

Routine patching and software updates: When vulnerabilities are identified in computer systems and software, vendors regularly provide patches and updates to protect their customers. Because users neglect to update their systems, hackers often exploit vulnerabilities for which patches are generally available. Regularly updating and patching systems can mitigate many malicious threats. 

Conclusion

Like healthcare, energy, transportation, and financial services, millions of people depend on the food and agriculture industry for their lives and livelihoods. As these critical sectors rely more and more on digital systems to conduct business, the threat of a significant cyber-attack carries more weight. 

Deploying modern cyber defenses to protect the world’s food supply chain is essential. Additionally, as new automation systems are designed, it must be done with cyber protection at the forefront. 

The fragile and interdependent nature of the food supply requires that the entire industry be protected with the most advanced and effective tools and policies. Because, in the end, we all need to eat first and foremost. 

Primary Sidebar

  • BOOTCAMPS
    • CISSP
    • CCNA
    • CEH
    • CompTIA Security+
    • Azure
    • CISM
  • CERTIFICATIONS
    • CISA
    • CEH
    • CISSP
    • CISM
    • Security+
    • CASP+
    • CND
    • Forensics
    • OSCP
    • CRISC
    • Pen Testing
    • CTIA
    • Cryptography
    • Malware Analyst
  • CAREERS
    • Security Engineer
    • Chief Information Security Officer
    • Security Analyst
    • Computer Forensics
    • Security Consultant
    • Digital Forensics
    • Cryptographer
    • Security Administrator
    • Penetration Tester
    • Security Software Developer
    • Security Specialist
    • Security Code Auditor
    • Security Architect
    • Malware Analyst
    • Data Protection Officer
    • Cybercrime Investigator
    • Cryptanalyst
    • Security Incident Responder
    • Chief Privacy Officer
    • Risk Manager
    • Network Administrator
    • Business InfoSec Officer
    • Information Security Manager
    • Cyber Operations Specialist
  • RESOURCE CENTER
    • Centers for Academic Excellence
    • Job Guide
    • Veteran’s Guide
    • Women’s Guide
    • Internship Guide
    • Security Clearance Guide
    • Ethical Hacker Guide
    • Coding for Cybersecurity Guide
    • Cybersecurity 101
    • Student Guide to Internet Safety
    • Scholarship Guide
    • Cybersecurity Math Guide
    • Small Business Guide
    • COVID-19 Guide
    • Cybersecurity for K-12 Students
    • Career Networking Guide
    • What is a Cyber Range?
    • Code Like a Hacker
    • Reacting to a Cyber Incident
    • Introduction to Cyber Defense
    • Cybersecurity Courses Online
    • Recommended Reading
    • Cybersecurity Jobs Report
    • Phishing Attacks
    • Cybersecurity Responsibility
    • How to Get Into Cybersecurity
    • Cyberwarfare
    • Cybersecurity Insurance
    • Job Interview Prep
    • Readiness Economy
    • Is Cyber a Good Career?
    • What is CyberCorps?
  • INDUSTRIES
    • Financial Sector
    • Insurance Sector
    • Healthcare Sector
    • Environmental Sector
    • Energy Sector
    • Government Sector
    • Transportation Sector
    • Food and Agriculture Sector
Cybersecurity Guide
  • Home
  • Campus Programs
  • About Us
  • Popular Careers
  • Online Programs
  • Terms of Use
  • Resources
  • Programs By State
  • Privacy Policy

Copyright © 2022 · Cybersecurity Guide · All Rights Reserved