A ransomware on a small Ontario hog business is something a cybersecurity expert says needs more attention from the agriculture industry.
Instead of cash, the attackers demanded the hog business owners publicly admit to what they alleged to be livestock mistreatment.
The occurrence was unique and alarming, says Ali Dehghantanha, Canada research chair in cybersecurity and threat intelligence at the University of Guelph’s Cyber Science Lab.
The lab offers a for-fee support service for those managing cyberattacks and cybersecurity.
NEW AUDIO SERIES: Cyber-Savvy Farmer
Read Also
At Ag in Motion: Seeding equipment gets its closeup
Ag in Motion’s 2023 edition continued to make equipment demonstrations a central part of its presentation to farmers. Not only…
While the number of cybersecurity incidents across Ontario’s agriculture industry has been rapidly increasing overall, he says the cashless ransomware attack against the family hog business — an incident he and his colleagues helped the family resolve — highlights what could become a wider trend in the tactics used by special interest actors.
Why it matters: Ransomware and other criminal cyber activities usually come with demands for payment. Malicious actors focused on disrupting food production rather than money pose another, potentially harder-to-solve threat.
According to Dehghantanha, the attack perpetrators claimed to have a variety of incriminating evidence showing animal abuse on the farm. This included camera footage taken from what the perpetrators claimed was a now-compromised farm surveillance system. The attacker’s prerequisite for releasing their hold on the farm’s network was a public statement, from the business owners, admitting to animal abuse.
In Dehghantanha’s view, this would have been financially devastating for the business.
In reality, no such footage existed. Indeed, claims of comprised cameras were false. Barring the demand for self-incrimination, the attack proved to be a standard, easily manageable ransomware attack.
“This was the first time working in this specific industry we have seen ransomware not asking for money. That would make our job much more difficult as we are dealing with adversaries whose motivation is not money,” Dehghantanha says, adding the transfer of cash is often the riskiest part for those committing ransomware attacks, because the movement of funds can be tracked.
“Prior to this we were not concerned with these small family food businesses…There was not a playbook for these kinds of situations.”
More accessible ransomware
Dehghantanha says his lab has been engaged with 20 cybersecurity issues reported from southern Ontario in the first half of 2023 alone — up from a mere handful in the entirety of 2019. Awareness of cyber risk has likely played a role in higher reporting, but it’s also getting easier for bad actors to acquire harmful attack tools like ransomware.
Simultaneously, the agriculture and food sector are underprepared for such threats. Dehghantanha considers agriculture and food to lag other sectors, notably energy and health, by approximately five years. Remedying the problem would begin by establishing a committee or another body of industry representatives, technology experts, and others to design cybersecurity standards “rooted in the reality of the industry.”
“We must identify steps for farmers and businesses that can be gradually achieved to get to the same level. This has happened in energy and health sector so there’s no reason it can’t happen in agriculture sector,” says Dehghantanha.
“We need to identify a body responsible for receiving these standard reports from farmers trying to evaluate them and give feedback and work with them…If a farmer knows they are level two, level three, or whatever level they are, it would make it much easier for them to understand and improve.”
Awareness and practice
Stakeholders in the agriculture sector, such as Ontario Pork, say they are raising awareness about the ever-growing need for better cybersecurity.
In an email statement received July 12, Ken Ovington, general manager for Ontario Pork, says the commodity group “routinely meets with cybersecurity experts and researchers to gather knowledge that can be used to create awareness and provide informational tools that are valuable to pork producers and the provincial pork industry.
“These types of cyberattacks are undeniably on the rise. As technology usage increases, so does the methods and sophistication of cyber criminals so it’s crucial that producers, agricultural organizations and government continue to prioritize cybersecurity measures, stay vigilant, and collaborate to prevent future cyberattacks,” says Ovington.
Strategies used to prevent issues within the organization itself were listed as well, including cybersecurity training for employees. No comment on specific incidents, such as the ransomware attack on the family hog operation, was provided.
Dehghantanha himself encourages greater proactivity. While establishing standards would help the agriculture sector improve overall security – and, potentially, bring spinoff benefits like lower insurance rates for higher cybersecurity scores – he stresses individuals and organizations need to pay attention to the threat posed by cyber criminals focused on industry disruption over money.
“We don’t need to wait for a standard to work on awareness. If you have livestock, you could be on a target list.”
— Matt McIntosh is a southwestern Ontario freelance writer. This article previously appeared at Farmtario.com.
Click Here For The Original Source.
