Is your farm safe from cybercrime?

Lettuce is one of the latest victims of cybercrime. Yes, lettuce.

In February, a ransomware attack on agricultural giant Dole caused salad shortages after the company was forced to temporarily shut down its U.S. production facilities and halt food shipments to retailers. Essentially, ransomware holds a computer system hostage by block­ing access to its users until a sum of money is paid.

The veggie violation is just another example of an increasing number of computer-based attacks on the U.S. food and agriculture sector. In June 2021, JBS paid an $11 million ransom to a Russian cyber gang after the meat-process­ing company had to halt slaugh­tering operations at 13 plants. In October 2021, hackers hit a major cream cheese supplier, limiting production just ahead of the holiday season. Six attacks against grain cooperatives occurred that fall as well. And in early 2022, two other cybercrime incidences dis­rupted seed and fertilizer supply.

As if farmers need one more challenge to worry about, they could become targets, too. Wide­spread adoption of ag technology heightens this risk. Integrated logis­tics systems, automation, remote sensing, cloud-based computing and data—lots and lots of data— expose producers to cyber threats.

Historically, agriculture has not been a typical target for cybercrim­inals, but they know disrupting the food supply chain can have signif­icant detrimental impact. National security largely depends on food security. And the agriculture sector is often an easy mark because it hasn’t received the attention and resources to deploy protections like energy, utilities or banking sectors.

That’s about to change. Last March, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) to help key industries such as food and agriculture defend themselves. The law will require covered entities to report cyberattacks to the Department of Homeland Security. The idea is to use the information to better un­derstand the threats and strengthen guidance about cybercrimes.

CIRCIA mandates likely won’t be fully implemented until 2024, but commodity groups are concerned that the issue is too complex for farmers to navigate alone. Another bill is now making its way through Congress to create a one-stop shop for the cybersecurity needs of American farmers and ranch­ers. The effort is supported by the National Corn Growers Association, American Soybean Association, Na­tional Cattlemen’s Beef Association and other farm organizations.

Meanwhile, agribusinesses and farmers are mostly left to fend for themselves, and this time of year makes our industry especially vulnerable. Hackers like to strike when they can cause the most damage and disruption, such as the spring planting season.

As MFA customers, you can rest assured that we’ve taken serious steps to protect our business from computer-based crimes, even hiring a cybersecurity analyst in our In­formation Technology Department. Our measures include continually backing up our systems, keeping multiple copies of data in a secure location, using multi-factor authen­tication, requiring strong pass­words, regularly updating anti-virus software and training employees on cybercrime tactics.

These are smart practices that you can—and should—implement for your farm business as well.

Other security steps are more common sense. For example, never click on a link or an attachment or respond to a text that seems even just a little unusual. In many cyber­attack cases, the initial intrusion comes via “phishing,” a tactic in which hackers send a fake email, hoping the recipients click a link and enter their credentials. Attack­ers can then access the company’s network. If you aren’t sure about a message, call the person who con­tacted you and make sure every­thing is legit. Better safe than sorry.

To learn more about best prac­tices, the federal government’s Cybersecurity and Infrastructure Security Agency offers a number of resources at cisa.gov.

Even though farmers haven’t been pushed to adopt stricter cybersecurity measures—yet—you should still take the threat seriously. You may think it will never happen to you, but don’t underestimate these crafty cybercriminals. Now that they seem to have discovered vulnerabilities in agriculture, we must all be vigilant to help protect our farms and our industry