22 Better Farming | November 2024 Follow us on @BetterFarmingON means that farmers are managing increasingly large amounts of data and technologies that potentially expose them to cyberattacks.” Adding to the problem, many farmers may not be adequately equipped to deal with the accompanying cybersecurity threats that these technologies introduce. “The farming industry in Canada is made up of a significant number of independent business owners who manage their own IT and OT systems,” says Croucher. “A 2022 survey of 167 farmers found that they had invested, on average, only $541 in cyber security since 2020.” Not surprisingly, the damage to agriculture goes far beyond the farm gate. For example, in 2021, a ransomware attack on JBS, the world’s largest meat processing company, earned the hackers US$11 million in ransom. “In the process, production was disrupted for several days, including at the JBS Canada beef processing plant in Brooks, Alta.,” says Westman. “The incident threatened to disrupt food supply chains and further inflate already high food prices.” Another prominent target was Saskatoon-based Federated Co-operatives Ltd. (FCL), a wholesaling, manufacturing, marketing and administrative co-operative owned by more than 160 independent retail co-operative associations from B.C. to Manitoba. These co-ops own and operate “agrocentres,” food stores, gas bars/convenience stores and home centres. “FCL stated it was hit by a cyberattack in June of 2024,” says Westman. “Though it did not publicly state that it was a ransomware attack, there were many signs indicating as much.” The attack affected internal and customer-facing systems, stock in some grocery stores, and cardlock fuel locations, which supply fuel to various corporate clients. “There is a potential for consumers to face higher prices for certain products if farming operations are disrupted by these intrusions,” says Croucher. “A reduction in the quality or quantity of crop yields could drive up costs. Additionally, pressure on commodity prices may arise from irrigation issues, reduced product availability in grain elevators, and impacts on transportation systems, such as the rail network, due to lower volumes.” As a result, consumers may receive lower-quality products at inflated prices. Furthermore, if farming operations are compromised and struggle to recover, consumer confidence could be lost. Learn not to burn The private and public sectors are being encouraged to educate farmers, businesses, organizations and citizens about current and emerging cyber threats. “The Government of Canada has started an educational program where you can take short, online courses for free to enhance your awareness of the issue,” says Lennon. “What does a scam or phishing expedition look like? How do you know if a message or email you receive is safe? “We regularly send out test messages to our staff to see if they recognize the threat, just to remind them of what to look for.” One of the easiest and most effective protective measures, whether for a family farm or large retailer, is to have strong, unique passwords. “We are all guilty of reusing the same password over and over, and that can be your weakest link,” says Lennon. “Once a hacker gets your password for one of your sites, they can use it for all of them.” As an additional safeguard, Lennon advises changing your passwords regularly and keeping them private, even from friends and co-workers. While some larger companies hire a managed detection and response agency to monitor their systems 24/7, that comes at a cost. “I have been advocating for the Canadian government to offer a non-refundable tax credit for small and medium-sized businesses when they hire an MDR,” says Westman. “This would allow those companies to pair with a service that will identify risks and help manage them.” The Canadian government has taken steps to address the threat of cyberattacks against critical infrastructure. “In 2020, the Canadian Centre for Cyber Security released the National Cyber Threat Assessment, identifying the agricultural sector as part of Canada’s critical infrastructure vulnerable to cyber threats,” says Croucher. “Additionally, the CCCS has published the ‘Baseline Cyber Security Controls for Small and Medium Organizations’ to assist small independent businesses in managing their security. However, Bill C-26 – An Act respecting cyber security, which aims to strengthen critical infrastructure on cyberattacks, does not include food and agriculture specifically.” Fortunately, whether it’s crops or computers, ag sees the need to “act, not react” – something Croucher cites as vital to winning the cyber war. “By providing targeted guidance, education, and actionable steps, stakeholders can help reduce risks across the entire farming supply chain, including farm operations, transportation, and shipping.” BF CYBER SECURITY ON YOUR FARM Ryan Westman Steve Croucher Cathy Lennon GEOFF GEDDES Geoff is an agriculture writer and editor. He has written for farm magazines, blogs, websites, and social media.
RkJQdWJsaXNoZXIy NTc0MDI3