Blog

Data Security in Agriculture: Six Surprising Facts

Written by ShardSecure | August 4 2023

For many of us, our mental image of agricultural technology is limited to tractors and harvesters. But the reality of the agriculture sector is that technology plays a major role. From precision farming to acoustic pulse technology, from laser scarecrows to hydroponics, technology is a crucial part of modern agriculture.

However, with the abundance of technology comes a wealth of data — much of which needs to be protected. Ensuring the security of agricultural data has become essential not only for safeguarding farmers’ livelihoods but also for maintaining the integrity of the food supply chain.

In this blog post, we’ll explore six surprising facts about data security in agriculture. We’ll also explain the importance of prioritizing data protection with solutions like the ShardSecure platform.

Data security in agriculture is a growing concern

Cyberattacks are a major issue in nearly every industry. But agriculture is experiencing both a rise in threats and an under-preparedness to address those threats. In the past few years, incidents like the 2021 ransomware attack on the meat processing giant JBS Foods have underscored just how vulnerable the food supply chains are.

For years, agriculture was also one of the only critical infrastructure sectors that didn’t have an information sharing and analysis center, or ISAC, to help the industry combat attacks. Although that’s recently changed with the formation of the Food and Agriculture Information Sharing and Analysis Center in May 2023, the sector still has a lot of catching up to do — and attackers are not waiting around.

1. Agribusiness is a high-value target

Agriculture has become an attractive target for hackers due to the wealth of valuable data in this sector. From proprietary crop data to sensitive financial details, agricultural systems create a vast amount of information that is highly lucrative to cybercriminals.

Agriculture is also a time-sensitive sector, as tasks like planting, harvesting, and transporting food to markets require quick action. Attackers are aware that companies are highly motivated to avoid disruptions — making them more likely to pay ransoms. As a result, the industry is seeing widespread cyberattacks that can jeopardize the supply of food. In 2021, for instance, ransomware shut down US baking and beverage companies, agriculture cooperatives in Minnesota and Iowa, and more.

2. Precision farming has introduced more data — and more threats — than ever before

Precision agriculture tools allow farmers to do things like monitor their crops, adjust their soil balances, and gain rapid feedback on harvest conditions. GPS sensors and satellite imagery can help determine the right fertilizer blends for different fields, while remote-operated tractors can automatically spray the appropriate mixes of chemicals.

While precision farming helps farmers use resources more efficiently and increase their yields, it also brings new risks. These technologies generate massive amounts of data — according to one IBM study, the average farm generates half a million data points daily — and unauthorized access to this data can have disastrous results. If attackers breach precision farming tools, they can remotely poison crops, disable millions of tractors, and raise temperatures on poultry farms enough to kill thousands of birds in a matter of minutes.

In the words of one researcher: “There are two types of precision agriculture systems — those that have been hacked, and those that will be.”

3. Farming is all about supply chains — and attackers have taken note

We all know about the supply chains that put food on our plates, from the grain crops for feeding livestock to the burgers on our grills. But there’s also an invisible supply chain of third-party providers and suppliers that undergird the agriculture industry, and it’s making farming companies more vulnerable to attack.

As agriculture has become more globalized and data-centric, farmers have grown to rely on third parties for everything from data analysis to payroll. This includes agricultural technology providers (ATPs), whose practices often leave farmers concerned about the unauthorized access, collection, and sharing of their data.

The result is an extended supply chain that almost invariably contains weak links in data security. Companies without strong data security policies are prime targets for cyberattackers, who can use their systems to gain unauthorized access to larger companies in the agricultural supply chain. From there, criminals can wreak havoc via malware, data extortion, and other tactics.

 To protect their sensitive data effectively, agribusinesses must ensure that all third-party vendors adhere to stringent data security standards and have robust privacy policies in place.

4. AI is introducing new risks

Artificial intelligence is already surprisingly prevalent in the agriculture sector. In the dairy industry, for instance, AI tools like smart collars and ear tag sensors allow farmers to automate rapid care for their herds. Other tools are designed to help farmers make economic decisions, inspect crops, and even robotically drive tractors.

But, the University of Cambridge cautions, AI tools also bring new threats. Much like precision farming technologies — which themselves may leverage AI software — these tools open up the possibility of cyberattacks. Hackers may cause significant damage by poisoning AI datasets, shutting down crop sprayers or harvesters, or manipulating or deleting vital information.

To guard against this possibility, the University of Cambridge suggests the use of ethical hackers to uncover security gaps and vulnerabilities in farmers' AI systems.

5. IoT devices are a major source of vulnerabilities for agribusiness

In agriculture, the internet of things allows farmers to monitor crops and gather real-time data on weather conditions, soil quality, and more. Internet-connected sensors provide metrics about everything from drainage capacity to humidity and dew levels so that farmers can more closely analyze their operations and make data-driven decisions. For instance, some devices may help fine-tune soil properties, while others monitor crop stress and detect pest outbreaks.

However, this interconnectivity also introduces potential vulnerabilities. Many IoT devices lack robust security protocols, making them susceptible to unauthorized access and exploitation. This opens the door to data theft, phishing, distributed denial of service (DDoS), and other attacks.

6. Farmers have to worry about compliance, too

Like businesses in other sectors, agribusinesses must navigate the challenges of regulatory compliance, including adhering to data privacy laws when applicable. 

While only large corporations that process personal identifiable information (PII) will be subject to regulations like the EU’s GDPR, even small family farms have a good reason to keep an eye on compliance. Research shows that third-party ATPs do not always follow data privacy best practices or offer adequate transparency about how data is being used.

What’s more, the industry lacks a standard set of data security compliance principles like SOC 2, and some data privacy laws like the CCPA do not protect PII in the agricultural sector.

How can the agriculture industry improve its data security?

With cyberthreats evolving rapidly, improving data security in the agriculture industry is crucial to protect farmers’ livelihoods, maintain food safety, and ensure a sustainable supply chain. To fortify the sector against cyberattacks and breaches, agribusinesses should consider implementing the following data protection measures:

  • Keep IoT devices on a separate network from critical business systems and sensitive data.
  • Invest in recovery and resilience solutions, including tools to support regular backups and data integrity.
  • Have cybersecurity experts conduct assessments of data protection processes.
  • Employ innovative encryption solutions.
  • Update software regularly to ensure systems are protected against known vulnerabilities.
  • Provide comprehensive training on cybersecurity best practices for farm workers and other company personnel.
  • Establish incident response plans that take into account the time-sensitive nature of many farm operations.

Additionally, agribusinesses may employ a data security solution like the ShardSecure platform. Our technology provides agentless file-level protection for sensitive data created by precision farming technologies, AI tools, and day-to-day farm operations. With robust data resilience and data privacy, the ShardSecure platform also ensures that critical systems can continue to function even during outages, cyberattacks, and more.

To learn more about ShardSecure’s solution, visit our resources page.

Sources

The Dangerous Weak Link in the US Food Chain | Wired

The Food and Agriculture Industry Gets a New Center To Share Cybersecurity Information | The Washington Post

Cyber Criminals Targeting Agribusiness | World Grain

AI and Cloud Technology Helps Agriculture Industry Improve the World's Food and Crop Supply | IBM

A Prediction Model Framework for Cyber-Attacks to Precision Agriculture Technologies | Journal of Agricultural & Food Information

Protecting Farmers’ Data Privacy and Confidentiality: Recommendations and Considerations | Frontiers

AI and Agriculture: How It’s Changing Farming and Finance | AgAmerica

Risks of Using AI To Grow Our Food Are Substantial and Must Not Be Ignored, Warn Researchers | University of Cambridge

IoT in Agriculture: For Real-Time Farm Monitoring | Cropin

Cybersecurity for Agriculture | USDA