Incident Response December 10, 2021
By David Bisson 3 min read

Ransomware actors are targeting food and agriculture organizations, potentially disrupting business. Luckily, there are already formal structures in place to boost the IoT security defenses they need. Knowing them keeps the lifeblood of industrial farms and food delivery going. Businesses in the sector could “suffer significant financial loss,” the FBI said. That loss is “resulting from ransom payments, loss of productivity and remediation costs.” They could also lose customer trust along the way.

In mid-October, a dairy company suffered a ransomware attack that took down its systems. The attack jumped from the digital realm to disrupt plants and distribution centers. It took about a week to restore affected tasks. In September, a Minnesota-based farm supply and grain marketing cooperative suffered a ransomware attack, reported Threatpost. The incident knocked its website offline, infected its computer systems and disrupted daily production.

Ransomware actors struck another agriculture group around the same time, which affected the company’s devices and systems. In response, the group took its systems offline to contain the threat.

Which IoT Security Issues Harm This Sector?

According to the U.S. Department of Homeland Security, some of the most prevalent security issues in the food and agriculture sector can be sorted based on the Confidentiality, Integrity and Availability Triad. Let’s examine how below.

Confidentiality

Data confidentiality is essential to farms and other organizations that engage in precision agriculture. It also makes a big difference to those who use smart tech to increase crop output using fewer resources like water and fertilizer. Farmers need to protect their yield data, farming methods and other proprietary information to make a living. Imagine if someone steals that data through decision support systems. Or, what if it leaks out to third parties by mistake? Businesses could suffer a loss of trust that could threaten to close them down.

Integrity

Precision agriculture and ‘smart farming’ use data collection and analysis to help farmers make decisions about their work. What if a threat actor were to falsify this data? They could disrupt crops and livestock. That, in turn, undermines the food supply at the local, regional or national level. On the other hand, attackers could introduce rogue data into a sensor network to endanger crops and herds.

Availability

Much of the heavy equipment used in the farm and agriculture sector relies on embedded tools consisting of communication and guidance systems. If the networks used by that major farm equipment suffer disruption or if a smart livestock production facility fails, people might not be able to tend to their crops and livestock on a timely basis. Similar risks can arise from natural disasters such as earthquakes and fires.

Assess Devices to Improve IoT Security

The threats discussed above, along with their potential consequences, highlight how food and agriculture groups operate as critical infrastructure. And just like other critical infrastructure organizations, farms are struggling with Internet of Things (IoT) devices. Those products have introduced vulnerabilities into their networks, weaknesses that attackers can use to disrupt farming equipment and monitoring in such a way that interrupts harvesting and other mission-critical operations.

The University of Maryland (Baltimore County) used this premise to build a potential threat scenario involving a denial of service attack. The incident used IEEE 802.11 vulnerabilities to prevent sensor data from making its way to the remote cloud, thus disrupting sensors in the field. The researchers then expanded the attack from there to prevent devices from connecting to the network.

Understanding the Scope of These Threats

Not all food and agriculture businesses use smart technologies. As a result, the entire food chain isn’t at risk yet. But given the projections made about smart agriculture, that’s quickly changing.

Food production needs to speed up to keep up with a growing population. As noted by IEEE Spectrum, the global population will reach 8.5 billion people by the end of this decade, with the number of people affected by acute hunger climbing to 840 million. These figures, when coupled with the World Food Programme’s goal of zero hunger by 2030, mean that more farms might begin using smart farming tech in the near future.

Best IoT Security Practices for the Farm Sector

Farm and agriculture organizations can take several steps to defend themselves against the cybersecurity risks confronting them. They can do this by applying network segmentation to keep IoT devices separate from other parts of the network. That will help to limit the scope of an attack.

They can also focus on using both passwords and multi-factor authentication (MFA). Towards that end, security teams need to make sure they change the default password on an IoT device. They can also leverage MFA to protect access to those devices in the event that someone breaches their credentials.

Finally, use vulnerability management and penetration testing services. This will provide a way for infosec personnel to close known flaws affecting their devices. It will also give them a means of testing their existing defenses. With thorough defenses such as these, the global food chain will be more secure.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from Incident Response
September 27, 2023

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America. IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that…

August 31, 2023

Alert fatigue: A 911 cyber call center that never sleeps

4 min read - Imagine running a 911 call center where the switchboard is constantly lit up with incoming calls. The initial question, “What’s your emergency, please?” aims to funnel the event to the right responder for triage and assessment. Over the course of your shift, requests could range from soft-spoken “I’m having a heart attack” pleas to “Where’s my pizza?” freak-outs eating up important resources. Now add into the mix a volume of calls that burnout kicks in and important threats are missed.…

August 16, 2023

SIEM and SOAR in 2023: Key trends and new changes

4 min read - Security information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But as many companies have begun reaching the limits of SIEM and SOAR systems over the last few years, they have started turning to other solutions such as extended detection and response (XDR). But does this shift spell the end of SIEM…

August 9, 2023

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature