Agriculture Vulnerable to Cyber Attacks, Report Says

rural internet broadband

A new report from a group of Federal government and private sector experts details how “precision agriculture,” or agriculture that uses connected technology to improve efficiency, faces new cybersecurity threats and a low degree of awareness in the industry to combat them.

“The adoption of advanced precision agriculture technology and farm information management systems in the crop and livestock sectors is introducing new vulnerabilities into an industry which had previously been highly mechanical in nature,” the report states.

The report was created by a joint team with members from the Department of Agriculture, the Department of Homeland Security, the Federal Bureau of Investigation, the Northern California Regional Intelligence Center, and private industry as part of DHS’ Public-Private Analytic Exchange Program. The report lays out key threats to the confidentiality, integrity, and availability of precision agriculture.

Among the top confidentiality concerns are the theft of data, the publishing of confidential information to cause chaos, foreign access to drone data, and sale of confidential data. “There has been an explosion of DSS [decision support system] and farm information management systems (FIMS), primarily mobile apps, designed to support farmers,” the report notes. “Some DSS apps could be malicious by design to steal data. This is the most likely threat to the confidentiality standard.”

The top integrity threats identified by the report are intentional falsification of data, introduction of rogue data to cause harm, and insufficiently vetted machine learning technologies. “As precision agriculture increasingly adopts equipment automation, robotics, machine learning, and edge computing, threats to data integrity are manifesting in ways never contemplated in the agriculture sector,” the report says.

The report found availability of precision agriculture services threatened by “both cyber-related issues and natural disasters,” highlighting the narrow windows that equipment must be available to harvest, disruptions of GPS signals, and foreign supply chain access to precision agriculture equipment.

To combat these threats, the report calls on the agriculture sector to follow the example of other industries to improve security. “While the threats to precision agriculture technologies are unique, the baseline security controls necessary to mitigate these threats are consistent with security controls in other industries,” the report notes. Examples include email protections, limited access to network ports, inventory of hardware and software assets, and account monitoring.

 

Recent