This article is republished from The Conversation under a Creative Commons license. Read the original article.
Farmers are embracing precision farming, using data collected by GPS, satellite imagery, internet-connected sensors and other technologies to farm more efficiently. While these practices could help increase crop yields and reduce costs, the technology behind these practices creates opportunities for extremists, terrorists and opposing governments to attack agricultural machinery, with the aim of disrupting production. eating.
Food producers around the world are under increasing pressure, a problem exacerbated by the war in Ukraine and rising fuel and fertilizer prices. Farmers are trying to produce more food but with fewer resources, pushing the food production system to its breaking point.
In this environment, it is understandable that many American farmers are turning to modern information technology to support decision-making and agricultural production management operations. These precision farming practices lead to more efficient use of land, water, fuel, fertilizers and pesticides so farmers can grow more crops, lower their costs and minimize their impact on the environment.
As cybersecurity and national security researchers at the National Counterterrorism Innovation, Technology, and Education Center, we are concerned. The advent of precision agriculture comes at a time of significant upheaval in the global supply chain and as the number of foreign and domestic hackers able to exploit this technology continues to grow.
New business opportunities
Cyberattacks on agricultural targets are not a distant threat; they are already happening. For example, in 2021, a ransomware attack forced a fifth of beef processing plants in the United States to close, with one company paying cybercriminals almost $11 million. REvil, a group based in Russia, claimed responsibility for the attack.
Similarly, a grain storage cooperative in Iowa was targeted by a Russian-speaking group called BlackMatter, which claimed to have stolen data from the cooperative. While previous attacks have targeted large businesses and cooperatives and aimed to extort money from victims, individual farms could also be at risk.
The integration of technologies into agricultural equipment, from GPS-guided tractors to artificial intelligence, potentially increases the ability of hackers to attack such equipment. And while farmers aren’t ideal targets for ransomware attacks, farms could be tempting targets for hackers with other motives, including terrorists.
For example, an attacker could seek to exploit vulnerabilities in fertilizer application technologies, which could lead a farmer to unintentionally apply too much or too little nitrogen fertilizer to a particular crop. A farmer could then end up with either a lower harvest than expected or a field that has been over-fertilized, leading to waste and long-term environmental ramifications.
Slow to appreciate the threat
Disrupting sensitive industries and infrastructure gives attackers a higher return for their efforts. This means that mounting pressure on the global food supply raises the stakes and creates a stronger motivation to disrupt America’s agricultural sector.
Unlike other critical industries such as finance and healthcare, the agriculture industry has been slow to recognize cybersecurity risks and take steps to mitigate them. There are several possible reasons for this slowness.
The first is that many farmers and agricultural service providers do not see cybersecurity as a big enough issue compared to the other risks they face, such as floods, fires and hail. A 2018 Department of Homeland Security report that surveyed precision agriculture farmers across the United States found that many did not fully understand the cyber threats introduced by precision agriculture, and did not take these cyber risks seriously enough.
This lack of preparation has another reason: limited government oversight and regulation. In 2010, the US Department of Agriculture ranked cybersecurity as a low priority. While this ranking was upgraded in 2015, the agricultural sector is expected to catch up for years. While other critical infrastructure industries have developed and released numerous countermeasures and best practices for cybersecurity, the same cannot be said for the agricultural sector.
The Biden administration has signaled it is willing to help farmers take steps to protect their cyberinfrastructure, but as of this writing, it has not issued public guidelines to help them in this effort.
Along with the pressing need for policy guidance and resources from federal, state, and local governments to prevent this type of cyberattack, academia and industry have an opportunity to step in.
From an academic research perspective, multidisciplinary efforts bringing together researchers from precision agriculture, robotics, cybersecurity, and political science can help identify potential solutions. To that end, we and researchers at the University of Nebraska-Lincoln launched the Safety Testbed for Agricultural Vehicles and Environments.
Agricultural equipment manufacturers and other industry organizations can help by designing and manufacturing equipment that takes cybersecurity considerations into account. This would lead to the manufacture of agricultural equipment that not only maximizes yields in food production, but also minimizes exposure to cyberattacks.
George Grispos is an Assistant Professor of Cybersecurity in the College of Information Science and Technology at the University of Nebraska at Omaha (UNO). Austin Doctor is an assistant professor of political science at the University of Nebraska at Omaha and a member of the executive committee of the National Center for Counterterrorism Innovation, Technology and Education (NCITE), a center of excellence in the Department of internal security.