FBI: Cyber threats are targeting ag because it’s a critical infrastructure

It is a startling statistic - if cyber crime was its own country, it would have the third-largest economy after the U.S. and China. Agriculture is its second-largest target because farming and food are critical infrastructure.

RFD-TV’s Marlin Bohling has more on what the FBI says producers should know:

Cyber criminals know there will be a payout to restore any hijacked services dealing with agribusinesses. An FBI Special Agent explains why farms are at risk.

“People eating is critical to everybody, and I can tell you that cuber threat actors are increasingly targeting food and agriculture businesses in the United States because they know that the likelihood of the payout is greater because it’s so critical. It’s a critical infrastructure and it’s gotten worse because the attack surface continues to grow with the use on farms and so on, of internet of things - devices, IOT devices, and all segments of their work,” said Special Agent Byron Franz with the Milwaukee Division of the FBI.

Over the last several years, we have seen cases of cyber attacks on international trading firms, meat packers, and regional grain cooperatives. It is why Special Agent Franz says agricultural operations of any size could be at risk.

“Agriculture has not been immune of people trying to steal secrets from farming and seeding and so on. As an example of it, I’ll give you that in 2011, a guy named Mo Hailong, who was working for a Chinese tech group, was spotted crawling through Iowa corn rows twice and pocketing Pioneer and Monsanto Seed corn through an investigation. He was subsequently charged and convicted,” said Franz.

Money is what those cyber criminals are after, but Franz explains their motives run deeper.

“There are countries and individuals that also seek potentially to target the United States. Through its critical infrastructure for cyber terrorism or other avenues to actually turn off the switch, not only turning off the switch on power or water, but obviously are disrupting the food supply or make people distrusting it. Getting all that food to table, cyber attacks can disable that chain anywhere along the line - transportation, on the farm or all the different devices that are used - all of which need to be protected. We also say that a defender, like us or a farmer, has to be 100 percent of the time on watch, but a hacker only has to be successful one percent of the time to get into those defenses. We have to think of ourselves as basically setting up little cyber fortresses to stop these attacks,” Franz said.

So how can you prepare your agribusiness for these attacks? Franz says it starts with training employees to understand the dangers of phishing.

“That’s a targeted attack against you, based upon email and text where they’re trying to get you to click on a link or download an attachment of some sort, which has malware. That software attachment allows them access to your network. Phishing is mass distributed pain. That means people are sending this out pretending to be an Amazon scam or Norton or well-known providers that people may be utilizing that the attackers are pretending to be these people and conning them into, “hey, you have to do this or patch this.”

Franz says the best way to take control over your cyber security is to use two-factor authentication which will make it harder for any hacker to disrupt the flow of your ag operation.