The Rising Threat of Cyberattacks in Agriculture
The agriculture industry is facing a surge in cyber threats, with recent data highlighting a significant increase in attacks. As technology becomes more integrated into farming and food production, the vulnerabilities grow, prompting concerns among experts and lawmakers.
A study by Check Point, a global cybersecurity firm, revealed that agriculture experienced a 101% rise in cyberattacks globally over the past year, marking the highest increase among all industries. In the United States, the sector saw a 38% hike in attacks, according to Check Point researcher Omer Dembinsky.
“Not double, like the overall number worldwide, but still very significant,” remarked Dembinsky regarding the U.S. statistics. Although agriculture is not yet among the top targets, educational, telecommunications, and government sectors remain the most frequently attacked. However, Dembinsky warns that the increased reliance on technology in farming makes the industry more susceptible to cyber threats.
“There is more and more modernization going on and continuing to grow – the computers in the field, and in manufacturing and transport,” Dembinsky noted. “And it’s not something that has a lot of security and safety guards like bank institutions or the government.”
Recent high-profile cyberattacks in the U.S. include incidents affecting Ahold Delhaize USA, leading to limited inventory at Stop & Shop stores and the shutdown of United Natural Foods’ online platform due to a cyberattack in June.
Doug Jacobson, from Iowa State University’s Center for Cybersecurity Innovation and Outreach, emphasized that smaller farming operations are also at risk, though these attacks often go unnoticed. “An adversary steals $5,000 from a farmer, [it] doesn’t make the news,” Jacobson stated. “An adversary steals $5 million from a meat processing factory. That makes the news.”
As advanced technologies such as drones and computerized irrigation systems become commonplace, they offer new avenues for cybercriminals to exploit. Jacobson explained that many threats to smaller producers resemble the phishing scams prevalent in other sectors, where attackers deceive victims into transferring funds to fraudulent accounts.
“A lot of it right now deals with convincing the producer to transfer money to the wrong place,” he added. “Convincing them that, ‘hey, I’m the co-op, and we have changed banks, so now you need to route the money to this bank.’”
Lawmakers and Researchers Take Action
In response to these growing threats, federal lawmakers have introduced several bills aimed at bolstering cybersecurity in agriculture. Proposed measures include requiring the U.S. Department of Agriculture to conduct annual cyberattack simulations and establishing research programs at universities nationwide.
U.S. Rep. Don Bacon has reintroduced the American Agricultural Security Act to create biosecurity and cybersecurity research centers at U.S. universities. These centers would collaborate with federal agencies to address cybersecurity challenges in agriculture and offer training and workforce development.
Bacon emphasized the collaborative potential with universities: “If you’re the Department of Agriculture, you can go to – hopefully, something like UNL (the University of Nebraska – Lincoln) – and partner with some very smart people who are studying this, and you get a better product.”
Another notable legislative effort is the Cybersecurity in Agriculture Act, introduced by U.S. Reps. Zach Nunn and Don Davis, which aims to establish Regional Agricultural Cybersecurity Centers with $25 million in annual funding. A companion bill has been introduced in the Senate.
Jacobson noted that these bills provide crucial funding for research and signal governmental recognition of cybersecurity in agriculture as a pressing concern. “Ag is such a diverse area,” he explained, noting the complexity of issues spanning from seeds to precision agriculture.
Universities such as the University of Nebraska and Virginia Tech are actively engaging in research to address agricultural cyber vulnerabilities. While specific degree programs in agricultural cybersecurity may be unlikely, Jacobson envisions its integration into existing curricula in related fields.
Jacobson advises producers to be cautious of urgent requests, suggesting confirmation through direct communication. “An email is not a way to do anything urgent,” he warned. “Weird payment formats – question that. Nobody does business in Target gift cards.”
This article was produced in partnership with Harvest Public Media, a collaboration of public media newsrooms in the Midwest and Great Plains focusing on food systems, agriculture, and rural issues.
