MSPs with a portfolio of clients that include nondescript agriculture and food processing businesses, often think they are off the radar of sophisticated international hackers. Yet, this is not the case at all.
“An MSP in Omaha, for example, serving grain growers or cattle feed producers may get a sense of complacency that hackers overseas aren’t interested in them. But that is an irresponsible view,” warns Jack Reed, a cybersecurity consultant in St. Louis.
And the FBI agrees.
A bulletin released by the FBI last week advises agri-business interests to be on guard, especially with the Spring planting season now in full swing across much of the USA. The bulletin warns that hackers attack agri-business year-round, but that the incidents appear to spike in the Spring. And these hackers may be less motivated by terroristic intent than a quick payoff. The bulletin notes that because of the time-sensitive nature of the agricultural industry, even a few hours offline can be too many. Often, an immediate payoff to the hackers is the only avenue that makes sense.
“For hackers, knocking out an agricultural cooperative in May would be akin to knocking the Super Bowl out an hour before kick-off,” Reed emphasizes. “Although authorities recommend against paying the ransom, there are situations where you have to feel for those that do pay, it’s a horrible situation, and hackers know it, and they thrive on it.”
Securing agri-business is serious business
Reed adds the “romantic” image of a farmer out in the field planting seeds and checking the corn is often the exception, not the rule. “Most farming today is large scale, heavily automated, and very network and IT dependent,” he says.
Reed also warns that often an MSP may dismiss a bulletin like the FBI’s Agri alert, thinking, “We don’t have any agribusiness clients.” But a closer examination could reveal that a client is part of the ecosystem, like a manufacturer that makes a component of a seed spreader or, perhaps, a client in the bio-agri-med tech sphere.
“The entire food system in the USA is an intricate chain. It just takes one link to be taken out to topple the whole system and sow chaos which is what hackers want,” Reed stresses.
Protecting the food system
The FBI’s bulletin offers its usual laundry list of safeguards to take, including:
- Regularly back up data, air gap, and password-protect backup copies offline.
- Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
- Implement a recovery plan that includes maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
- Identify critical functions and develop an operations plan if systems go offline. Think about ways to operate manually if it becomes necessary.
- Implement network segmentation.
- Install updates/patches operating systems, software, and firmware as soon as they are released.
But there are more steps an MSP can take to avoid having their link in the food chain swallowed up by the hacker food chain.
“For instance, keep user training up-to-date and industry specific. That is key. Excellent hackers will stick a ransomware in a message that looks very relevant, so an email about increases in feed prices, an invoice from a cattle vaccine maker, or a message about the Spring planting schedule may look very relevant, and someone wouldn’t hesitate for a second to open it. This where user training is key, helping the unsuspecting not get duped,” Reed advises.
Another significant agribusiness threat: weather forecasts, reports, and climate data.
“If you are working anywhere in the Agri-business ecosystem, you are watching the weather. Hackers know that. It would help to educate users on the types of weather data to access. Most people think the only threat from the weather is drought or thunderstorms, not cyber storms,” Reed says.
Best practices including accessing weather data only from approved sources, visiting encrypted weather websites, and watching for unsolicited climate data and weather forecast emails with great suspicion. The FBI alert spells out what could happen with a successful cyberattack on a single link in the food chain:
A significant disruption of grain production could impact the entire food chain since grain is not only consumed by humans but also used for animal feed. In addition, a significant disruption of grain and corn production could impact commodities trading and stocks. An attack that disrupts processing at a protein or dairy facility can quickly result in spoiled products and have cascading effects down to the farm level as animals cannot be processed.
Reed also recommends MSPs carefully examine their portfolio and not just assume a company is a “manufacturing facility.”
“The FBI notice is a good excuse for MSPs to really get to know their clients. Know every aspect of their production business. When you learn exactly what they do, you can know exactly what to protect,” Reed says.
Photo: 1000 Words / Shutterstock