Best Blog of the Week
Minding Ag's Business: Four Things You Can Do to Avoid Cyberattacks on Your Farm
What would happen to your business if the balance in your account was suddenly zero or overdrawn? What if all your invoices, payroll and other bookkeeping became completely inaccessible just as you need to give them to your accountant? Or if you were unable to adjust the aeration system in your completely full grain bin after harvest?
It'd be an absolute crisis. It may be tough to imagine any of these things coming to pass, but cybercrime is on the rise, up 69% in 2020 from the prior year, according to an FBI report.
Your business may be small compared to JBS, NEW Cooperative or others in agriculture that have fallen victim to cyberattacks this year, but size does not confer protection. I repeat: Your business is not too small to be hacked or fall victim to ransomware. In many ways, it actually makes you more vulnerable.
"They are looking for targets they believe are more prone to caving under an attack, or to being exploited and not having the proper security resources in place," said Sarah Engstrom, chief information security officer and vice president of IT security, productivity and privacy for CHS, in DTN's recent series, Cybersecurity and Ag. "We are seeing it, and we are hearing of smaller companies getting pummeled with cyberattacks and ransomware."
I recently had a conversation with folks from CliftonLarsenAllen in preparation for this year's DTN Ag Summit, and they anticipate a disturbing rise in cyberattacks targeting farming and ranching operations. These hackers tend to move by industry group, and farmers could be up next. That's why David Anderson, one of CLA's principals and a cybersecurity expert, will join us at this year's event, which will be held Dec. 5-7 in Chicago. He will share strategies farmers can employ today to safeguard their business's crucial data and technology. (For more details on Ag Summit and the full agenda, please visit www.dtn.com/agsummit.)
In an industry that's generating more proprietary business data every year, that's relying more on software than pen-and-paper ledgers, and that's connecting more devices to the internet each season, it pays to stop and think about your digital footprint. As the saying goes, an ounce of prevention is worth a pound of the cure.
That said, there are a number of things you can do right now to lower your risk of falling victim to one of these attacks.
Here are four ways to help avoid cyberattacks:
-- Beware of email or text message scams. If that email seems fishy -- or "phishy" as it's referred to in the IT world -- don't reply, don't open the links. Block the sender. Anderson will discuss how to identify phishing in his presentation at Ag Summit, but in general, be on the lookout for emails that attempt to appear legitimate. These will often include the names of people or a company you know, but the email address will be wrong. It might include an urgent request, like for financial information for example, that you wouldn't normally receive via email. Beware attachments of PDFs or Word documents or links that aren't clear. They may allow hackers to download ransomware or spyware onto your computer.
-- Multifactor authentication is your friend. Yes, entering an addition code that you receive by text message may seem like a pain, but it's there to protect you. Many of our passwords have been exposed during data breaches with various companies. If you're like many of us, you use the same or similar passwords on various accounts. If your password was compromised in one of these breaches, you don't know who has access to your information. Multifactor authentication keeps bad actors from accessing your accounts because they don't get the security code, and therefore can't log in. Change your passwords frequently (every 3 months or so) and try to use unique passwords for each account.
P[L1] D[0x0] M[300x250] OOP[F] ADUNIT[] T[]
-- Update your operating systems. When was the last time you updated Windows on your computer? If you don't recall, you should probably check. If your cellphone carrier is like mine, you can only postpone a software update for a day or two before it's forced through. These updates often include security patches, which means the company has found a flaw in its system that could be exploited and has fixed it. The more frequently you update your systems with these patches, the less disruptive they'll be. If the company is no longer updating or supporting your operating system, consider replacing the device.
-- Think about insurance. Many insurers don't cover losses from cyberattacks as a standard part of policies, but some do, so it's worth it to ask your provider what's covered. If they don't offer coverage, investigate it see if you can find someone that does. Or see if your insurer recommends an incident response company that can help you assess the impacts of a hack. As Progressive Farmer Senior Editor Victoria Myers reported in her series, many of these companies are overwhelmed and will only work with you if you have an existing contractual relationship.
There's a lot of good information and advice in Myers's Cybersecurity and Ag series.
You can read the series in its entirety using these links:
Cybercriminals Take Aim at America's Food Supply
Ag Corporations Prepare for Battle Against Hackers
Is Uncle Sam Asleep on the Cybersecurity Job?
Precision Ag Companies Strive for Cybersecurity, but Hacking Threat Remains
Five Tools Pros Use to Protect Data and Systems
Teams Reported Precision Ag Threat in 2018
Commodity Market Safety a High Priority
Six Ways to Stop Hackers From Stealing Your Data
Katie Dehlinger can be reached at katie.dehlinger@dtn.com
Follow him on Twitter at @KatieD_DTN
(c) Copyright 2021 DTN, LLC. All rights reserved.