Agribusinesses today have many great digital products that keep us moving forward and connecting on a deeper level than previous generations. But those same products are also putting us more at risk.
“Although ransomware attacks against the entire farm-to-table spectrum of the (food and agriculture) sector occur on a regular basis, the number of cyberattacks against agricultural cooperatives during key seasons is notable,” an FBI notice warning against increased cyberattacks states.
Cybersecurity is the biggest issue facing agriculture in decades. While it may seem overwhelming or expensive to implement necessary cybersecurity policies, it must be done. Disruptions at the agribusiness level can ripple outward, impacting the supply chain, the consumer and ultimately the U.S. economy.
“All individuals and organizations in both the public and private sectors should be concerned about cybersecurity,” says Sarah Gonzalez, director of communications and digital media with the National Grain and Feed Association (NGFA).
“Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses. No company is safe from being targeted by ransomware, regardless of size or location.”
Cyberattacks ramp up
Just last week, AGCO announced it was subject to a ransomware attack that impacted some of its production facilities.
In April, the Federal Bureau of Investigation (FBI) in a new Private Industry Notification, warned the agrifood industry that ransomware actors may be more likely to attack agricultural cooperatives during critical planting and harvest seasons.
“Cyber actors may perceive cooperatives as lucrative targets with a willingness to pay due to the time sensitive role they play in agricultural production,” the FBI stated.
Ransomware attacks against six grain cooperatives during the fall 2021 harvest disrupted the food supply chain and two attacks in early 2022 could impact the planting season by disrupting the supply of seeds and fertilizer.
During NGFA’s Country Elevator Conference (CEC) held in December in Chicago, a panel of agribusiness experts discussed cybersecurity.
Panelists noted cybersecurity issues may seem complex, but often it’s the simple things that cause security breaches. Over 90% of malware that infects a business comes through an employee opening an email containing a virus. The key to this threat is to not panic but be aware and think ahead, said panelists.
Start preparing today
In 2021, there were 500 million attempts by bad actors to access corporate data, which is a million and half attempts each day.
Sarah Engstrom, CISO and VP IT security, productivity and privacy, CHS Inc., says cyberthreats have gotten worse in the last 18 months. If you haven’t invested, now is a good time to start.
“Some of you may have already experienced a cyberthreat,” says Engstrom. “The saying is, ‘It’s not if, it’s when.’ Be prepared.”
You may need to have a third-party technical team or an internal IT department, and if you don’t have one, Engstrom says start building one now.
Jim O’Conner, CISO, Cargill, says being prepared for a cyber event, whether a data breach or the entire system going down, is critical. “Being prepared is crucial,” he says.
As you begin your cybersecurity preparation, first, understand your technology environment. “All our operations are dependent on technology,” he says. “What devices are being used? What’s the software? What is the scope of your technology?”
There are typically three ways that bad actors wreak havoc on an organization:
- Email insecurity. Email security is critical. Use multifactor authentication (MFA) to secure email
- Software vulnerability. Make sure software is patched and up to date on each device — cell phone, tablet, laptop, desktop — that is used in your business
- Remote accessibility. How employees access your information remotely should be secured
Six steps to start
Lee Gleason, vice president of sales, ProValue Insurance, says there are six basic prevention steps to ensure the security of your data and keep it out of the hands of cyberthieves.
- Create an incident response plan
- Securely back-up your data
- Implement MFA
- Patch and update software regularly
- Use endpoint detection and response (EDR) software
- Train employees
With over 90% of malware entering a system because an employee clicks on an infected email link or attachment, all users need to be educated on the risks.
“Don’t even let the virus get in,” says O’Conner with Cargill. “Invest in strong email security. You can mitigate a large amount of risk with minimum dollars by keeping your email secure.”
Gleason also reminds businesses that education is a continual process. “When it comes to employees, you need to educate, educate, educate,” he says.
Going step-by-step in a simulated drill is a good way to realize what’s missing in your cyber program, says Gonzalez with NGFA.
“Experts recommend regularly testing incident response plans and contingency plans so safety critical functions can be maintained during a cyber incident,” she says.
Start with questions: What are the steps if something goes wrong? Who’s in charge? Who do you call first?
“Start small,” says O’Conner with Cargill. “Go through drills and scenarios and understand how you would react in each one. Where would you start?”
Available resources
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) both offer access to free, in-depth resources and expert cybersecurity advice.
Cybersecurity templates, found simply by googling, can help you lay out your response to a threat. NGFA has also compiled cybersecurity resources from trusted sources on its website.
“NGFA is committed to gathering the appropriate resources for its members and pointing them to the experts that can help when needed,” says Gonzalez.
“Companies should contact CISA with reports of attempted data intrusions or phishing and contact their FBI field office with reports of network intrusions, data breaches or ransomware attacks.”
Beyond these steps, experts suggest investing in a cybersecurity insurance plan. Given the rash of recent incidents, however, insurance providers have heightened expectations for customers. “Insurance providers are stepping it up,” says Engstrom. “They’re asking questions and expect you’ll have a plan. Be prepared.”
Other recommended actions include backing up data, regularly testing these backups, and keeping them offline to ensure they are not connected to the business network.
A cyber event comes with many costs: legal, network damages, business interruption, ransom payments and reputation. The cost of doing nothing could be higher. Fortunately, it’s not too late. The time to start preparing your feed and grain business for a cyberthreat is now. ■
WHAT IS Multifactor Authentication (MFA)?
Cyberthieves continue to develop new ways to get your information. Today, it’s shown that using multifactor authentication (MFA) can block 99.9% of compromise attacks.
“Last year, 94% of ransomware victims investigated did not use MFA,” says Lee Gleason, vice president of sales, ProValue Insurance.
One of the top priority action items recommended by the Cybersecurity and Infrastructure Security Agency (CISA) is setting up MFA on all systems, because passwords alone are routinely compromised.
MFA is used to ensure digital users are who they say they are by requiring they provide at least two pieces of evidence to prove their identity.
Each piece of evidence must come from a different category: something they know, something they have or something they are.
For example, MFA could be using a password together with a code sent to your smartphone to authenticate yourself. Another example is using a combination of a card (something you have) and a PIN (something you know).
Does your company need a CISO?
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.
The CISO may also work alongside the chief information officer to procure cybersecurity products and services and to manage disaster recovery and business continuity plans.
