‘Phishing’, farming and ransomware: Cyber security in agriculture
With agriculture becoming increasingly digitised, and many essential elements of farming becoming increasingly online-based, the question of cyber security inevitably has to be raised.
The issue became all the more apparent last week, when social media service WhatsApp told the Data Protection Commission of a “serious security vulnerability” on Monday evening, May 13.
Considering the widespread use by farmers of the WhatsApp platform, from farm discussion groups to farm organisation communication channels, AgriLand asked the question: What do farmers need to know about the issue of cyber security?
AgriLand discussed with cyber security expert Keith Duggan, of Resilient Defence, what exactly farmers need to do to safeguard against online threats.
“WhatsApp has released a ‘patch’ or a fix, so once the user updates their application – and provided it’s updated since Friday – you’re in a good place and you don’t need to stress too much about it.”
Moving on to the broader topic of cyber security as a whole, Keith outlined the basics.
‘No silver bullet’
“Generally with cyber security – and it’s relevant to all industries – it’s absolutely critical that you focus and understand the risk to your organisation first, before you apply any solution – because there’s no silver bullet.
“In Resilient Defence, we focus on small and medium enterprise organisations; cyber security isn’t always at the top of the agenda, but it’s something that should be addressed.
“Organisations, once they understand their risk, they can then – and only then – apply the right solution for their organisation.
“One of the largest issues that organisations are facing is ‘phishing’ attacks.
“A phishing email or a phishing text message could come through and that could ultimately install a malware onto your phone or your device – and that leaves you open then to potential ransomware attacks.
“Phishing attacks can come through your mobile device, so we would always look at what is the right solution, or have you a solution in place for your mobile devices as well,” he explained.
“If a ransomware attack hits a farm tomorrow, they can literally shut that down until the money is paid; that’s a very real risk.”
The security specialist explained that hackers could look for anything from hundreds to thousands of euros and they “do their homework”, looking up target companies on the likes of Solocheck.
“They’ll identify the turnover, they’ll see what’s reasonable and then they’ll make a fairly ‘reasonable’ ransom. And at the time the business owner is going to go ‘well, it might be worth paying this’.
“That’s why insurance is really important as well. There is cyber security insurance available to organisations and it will cover ransomware and cover these issues that you can have.
“But the insurance won’t go in place unless you’ve the right measures to mitigate it in the first place.”
Farmer best practice
Turning to the topic of best practice when working online, Keith outlined two key aspects: culture and tools.
“With the technical solutions you need to ensure that your IT systems are up-to-date; similar to WhatsApp, provided you have the right, up-to-date solutions in place, and the right security solutions in place, you can help prevent ransomware attacks.
“Outdated software solutions, they can cause problems. The right firewalls are really important as well.
“So technically there are measures you can put in place; technically you can put measures on mobile devices that will ensure that dodgy websites can’t be visited for example, which can lead to malware being installed which can lead to a ransomware attack.
“And then if we look at the flip-side there’s the culture – IT software and solutions are tools; they are important but that’s all they are.
“Culture is about processes: Is there a security culture within the organisation? Is there an understanding that writing a password on a post-it note and leaving it around the office – that’s not the right way to do things. That’s the wrong culture.
“So culture is critical along with the right technical solutions.”
- Make sure you have an IT company that’s actually proactive, proactively updating your systems; and
- Educate the team on what risks are out there, if it’s a phishing attack or ransomware – what they are, how they happen.
“They’re the key steps,” he said.
In terms of what farmers should watch out for immediately, Keith explained that a phishing attack through an email or text message can be the first step to malware, which can lead to ransomware.
“So always be cautious if you receive an email or a message that doesn’t look right,” he warned.
“You need to look at the email address that’s coming in – and they can be very sophisticated and very difficult to spot. That’s why they’re so successful.
“The PWC Irish Economic Crime Survey 2018 stated 66% of attacks in Ireland were through phishing attacks,” the cyber security specialist noted, which is twice the global rate.
“It’s on the increase because it’s very, very effective.”
Noting that a suspect email can have an address that looks convincing but with subtle spelling changes, Keith advised looking out for “little things”, such as a “1” instead of an “l”.
“If it’s asking you for information that you wouldn’t normally give out, or it’s asking you to click on a link to login to do something – always question that.
“Double check who the sender is and, if you’re not sure, contact the sender or who the sender should be via their website.
“Always be very cautious about emails and messages that are coming in that aren’t familiar. They’re big red flags.
“Unfortunately it’s much harder to spot on a mobile device because on a laptop or PC you can hover over the email address and it’ll actually tell you. You can’t do that on a mobile device.
“So if you’re suspicious on a mobile device don’t open it; wait until you get back to your laptop or desktop, then analyse the message, hover over the sender. That’s what I’d recommend.”
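The sender check described above can also be done by a script on a mail gateway or in a triage mailbox. The following is an added example, not part of the original article and not supplied by Resilient Defence; the trusted domains, the substitution table and the sample addresses are constructed assumptions.

```python
# Added example: flag sender domains that imitate a trusted domain.
# TRUSTED and every address used with it are constructed for illustration.
from email.utils import parseaddr

TRUSTED = {"farmbank.example", "coop-supplies.example"}

# Digits commonly swapped in for the letters they resemble.
CONFUSABLE = {"1": "l", "0": "o", "5": "s", "3": "e"}


def skeleton(domain: str) -> str:
    """Collapse look-alike characters so imitations compare equal."""
    d = domain.lower().replace("rn", "m").replace("vv", "w")
    return "".join(CONFUSABLE.get(ch, ch) for ch in d)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch single-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike:<domain>' or 'unknown'."""
    # parseaddr ignores the display name, which the sender controls freely.
    _, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if not domain:
        return "unknown"
    if domain in TRUSTED:
        return "trusted"
    for good in TRUSTED:
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) == 1:
            return f"lookalike:{good}"
    return "unknown"


if __name__ == "__main__":
    for header in ("Farm Bank <accounts@farmbank.example>",
                   "Farm Bank <accounts@farrnbank.example>",
                   "orders@coop-supp1ies.example"):
        print(header, "->", check_sender(header))
```

A “lookalike” result is a reason to quarantine the message and verify the sender through a known channel; an “unknown” result only means the domain is not on the list.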
Resilient Defence is the cyber arm of security firm Reconnaissance Group, which was established in 2006.
“What makes us different from the other cyber security companies that are out there is we don’t just look at the technical risks; we look at the physical risks as well,” Keith said.
“We bring in the technical experts who do all of the penetration testing, the vulnerability assessments, all of that; and we couple it with our understanding of risk – we take a 360° approach and that’s what makes us different,” he concluded.