Features Technology
Improving agriculture’s cyber resilience

How secure is your farm? For most, this question likely brings to mind trespassers, equipment theft, and biological concerns like livestock or soil. Janos Botschner is working to get farmers to add another dimension to their security considerations: cybersecurity.

Botschner is the lead investigator with the Cyber Security Capacity in Canadian Agriculture (CSCCA) initiative, a multi-year project funded by Public Safety Canada and operated through the Community Safety Knowledge Alliance (CSKA) that aims to understand cybersecurity in Canadian agriculture. The initiative works to develop resources for producers, as well as identify opportunities for the sector, and the agri-food ecosystem as a whole, to be better prepared, more cyber-secure and more cyber-resilient.

“This is a real thing. It’s a real and significant threat to Canadian agriculture and our food system as a whole,” he says. “It’s not going to go away anytime soon.”

Botschner cautions that currently, Canadian agriculture as a critical infrastructure is underprepared for cyber threats. But he also notes that this isn’t very different from other critical infrastructures in terms of their journeys regarding cybersecurity.

“There are some practical opportunities to tackle cyber-related vulnerabilities as well as to de-risk, develop and sustain the benefits of digital agriculture,” he adds. “And, really importantly, producers shouldn’t have to go it alone. Help is available.”

Attack patterns
Botschner likens cybercriminals to coyotes sniffing around a fence line. Identifying potential weaknesses they can exploit is a major part of keeping them out and reducing the harm they can cause to a farm operation and Canadian agriculture as a whole.

In terms of the landscape of cybercrime the sector faces, there are a few common types of bad actors. “Largely, they’re what we might call opportunistic cybercriminals,” Botschner says. “They’re criminal organizations that want to make a buck, and they’re very creative. It can be an individual or group that can buy something like ransomware as a service [on the dark web].”

Profit is a major motivator, with cybercriminals looking for new ways to squeeze money out of producers by attacking their operations.

“Some of these groups are really well resourced and big. Some of them are hosted in foreign countries that look the other way. And then there are times when these groups might have connections to foreign governments or foreign military, as well as criminal organizations,” he says.

“The big thing is that people are seeing are ransomware attacks, and they’re not going to go away.”

Ransomware
Ransomware can be used to cause mischief for farms in a few ways. Using software exploits, or bugs, cybercriminals can go into a system and deny access to data – such as historical farm data. Botschner says they can lock up a system, making that data inaccessible and demanding the farmer to pay to have access. If the farmer pays, they’ll be sent a decryption key.

Cybercriminals can also use this technology to lock up a system on the farm. “Maybe it’s an automated irrigation system, maybe it’s a significant piece of harvesting equipment at a critical time of year,” Botschner says. “Or maybe, even worse, it’s a control system that regulates the environment that temperature the ventilation inside a livestock barn.”

This increases the time sensitivity of the issue, especially in the case of livestock barns. At particularly cold or hot times of year, there isn’t much of a margin before animal welfare is at risk. “The problem is they might come back,” he adds. “Even if you pay them, because now they have a sense of what your vulnerabilities are.”

The last possibility Botschner discusses is data poisoning. “Somebody could get into a data flow and make it look like something’s happened when it hasn’t,” he says. This can make it appear that, for example, a commodity is contaminated, when it actually isn’t, harming its reputation in the context of a trade negotiation. Conversely, it can prevent awareness of problems, like preventing a bio-surveillance system from recognizing a disease outbreak.

“It’s a little bit more extreme, but it’s in the realm of possible,” Botschner says. “We want to be aware of these things so we can say, what can we do to manage business risk at the level of individual farms, and then bigger risks at the level of a critical infrastructure.”

Risk management
There are a variety of cybersecurity resources on the CSKA website (cskacanada.ca) for increasing your cybersecurity knowledge and resilience. When it comes to your farm, Botschner says it’s “just about starting somewhere.”

“Start anywhere. Ask for help. If you feel that you need more help, and it’s not around, go to your federations and commodity associations and say, I think we could use some more help.”

Botschner also recommends doing a cyber fire drill. “Sit down at the kitchen table, pick a problem like a ransomware attack or a system lock-up, or even your IT service going down. What would you do next? Who would do what?” he says. “You don’t have to actually do anything – just sit there and talk through a scenario.”

It’s important to keep the benefits in mind if this new element of farm security and management seems a bit overwhelming.

“Digital technologies done well can create opportunities to better manage the bottom line and to have time to do other things that people want to do,” says Botschner. “It’s a personal choice. I’m neutral on whether or not somebody wants to adopt a particular piece of technology. But with everything, there are opportunities to make the most of and then there are risks to manage.”