- | 11:00 am
Why the rise of precision agriculture exposes our food systems to new threats
The advent of precision farming comes at a time of significant upheaval in the global supply chain as the number of foreign and domestic hackers with the ability to exploit this technology continues to grow.
Farmers areĀ adopting precision agriculture, using data collected by GPS, satellite imagery, internet-connected sensors, and other technologies to farm more efficiently. While these practices could help increase crop yields and reduce costs, the technology behind the practices is creating opportunities for extremists, terrorists, and adversarial governments to attack farming machinery, with the aim of disrupting food production.
Food producers around the world have been under increasing pressure, a problemĀ exacerbated by the war in UkraineĀ and rising fuel and fertilizer costs. Farmers are trying to produce more food but with fewer resources, pushing the food production systemĀ toward its breaking point.
In this environment, itās understandable that many U.S. farmers areĀ turning to modern information technologiesĀ to support decision-making and operations in managing crop production. These precision agriculture practices lead to more efficient use of land, water, fuel, fertilizer, and pesticides, so that farmers can grow more, reduce costs, andĀ minimize their impact on the environment.
As researchers inĀ cybersecurityĀ andĀ national securityĀ at theĀ National Counterterrorism Innovation, Technology, and Education Center, we see cause for concern. The advent of precision farming comes at a time of significant upheaval in the global supply chain as the number of foreign and domestic hackers with the ability toĀ exploit this technology continues to grow.
NEW OPPORTUNITIES FOR EXPLOITATION
Cyberattacks against agricultural targets are not some far-off threat; they are already happening. For example, in 2021, a ransomware attack forced a fifth of the beef processing plants in the U.S. to shut down, with one company paying nearly $11 million to cybercriminals. REvil, a Russia-based group,Ā claimed responsibility for the attack.
Similarly, a grain storage cooperative in Iowa was targeted by a Russian-speaking group called BlackMatter, who claimed that they hadĀ stolen data from the cooperative. While previous attacks have targeted larger companies and cooperatives and aimed to extort the victims for money, individual farms could be at risk, too.
The integration of technologies into farm equipment, from GPS-guided tractors to artificial intelligence, potentially increases the ability of hackers to attack this equipment. And though farmers might not be ideal targets for ransomware attacks, farms could be tempting targets for hackers with other motives, including terrorists.
For example, an attacker could look to exploit vulnerabilities within fertilizer application technologies, which could result in a farmer unwittingly applying too much or too little nitrogen fertilizer to a particular crop. A farmer could then end up with either a below-expected harvest, or a field that has been over fertilized, resulting in waste and long-term environmental ramifications.
SLOW TO APPRECIATE THE THREAT
Disruption to sensitive industries and infrastructure gives attackers higher returns for their efforts. This means that the increasing stress on the global food supply raises the stakes and creates a stronger motivation to disrupt the U.S. agriculture sector.
Unlike other critical industries such asĀ financeĀ andĀ health care, the farming industry has been slow to recognize cybersecurity risks and take steps to mitigate them. There are several possible reasons for this sluggishness.
One is that many farmers and agricultural providers havenāt viewed cybersecurity as a significant enough problem compared with other risks they face such as floods, fires, and hail. A 2018 Department of Homeland SecurityĀ reportĀ that surveyed precision agriculture farmers throughout the U.S. found that many did not fully understand the cyberthreats introduced by precision agriculture, nor did they take these cyber-risks seriously enough.
This lack of preparedness leads to another reason: limited oversight and regulation from government. In 2010, the U.S. Department of Agriculture classified cybersecurity as a low priority.Ā While this classification was upgraded in 2015, the farming sector is likely to be playing catch-up for years. While other critical infrastructure industries have developed and published numerousĀ countermeasuresĀ andĀ best practicesĀ for cybersecurity, the same cannot be said for the farming sector.
The Biden administration has indicated that it is willing toĀ help farmers take steps to protect their cyber infrastructure, but as of this writing it has not released public guidelines to assist with this effort.
ALL-HANDS APPROACH
In addition to the pressing need for policy guidance and resources from federal, state and local governments to prevent this type of cyberattack, there is room for academia and industry to step up.
From an academic research perspective, multidisciplinary efforts that bring together researchers from precision agriculture, robotics, cybersecurity, and political science can help identify potential solutions. To this end, we and researchers at the University of Nebraska-Lincoln have launched theĀ Security Testbed for Agricultural Vehicles and Environments.
Farming equipment manufacturers and other industry organizations can help by designing and engineering equipment to account for cybersecurity considerations. This would lead to the manufacture of farming equipment that not only maximizes food production yields but also minimizes exposure to cyberattacks.
George Grispos is an assistant professor of cybersecurity at the University of NebraskaāOmaha. Austin C. Doctor is an assistant professor of political science at the University of NebraskaāOmaha.
This article is republished fromĀ The ConversationĀ under a Creative Commons license. Read theĀ original article.
