Protecting livestock farms from cybercrime pt. 2

Part 2: Preventing cyberthreats

The internet was first hailed as a tool for open information and operability. No one suspected the potential for nefarious activity. Now everything is accessible, which allows bad actors to infiltrate farms and other businesses.

Too often, dairy farms are cybercrime targets. Andrew Rose, of the nonprofit Bioeconomy Information Sharing & Analysis Center (BIO-ISAC), discussed this critical topic during a Balchem presentation.

“If adversaries are looking at agriculture as critical infrastructure, which I know they are, and want to pick the sector that would hurt us the most, I can see dairy at the top of the list,” said Rose. “While there’s no proof for this, attacks on dairy have been greater than on other sectors.”

Dairy and other livestock farms that rely on computers daily can take steps to secure their safety, beginning with passwords. Malcontents sometimes crack passwords, but businesses can make it difficult enough that they move on to find an easier target. While four-digit passwords are long gone, multifactor authentication is an option.

Multifactor authentication is a security system requiring two or more distinct credentials to verify identity. Such authentication can be done via text or email. Sometimes a passkey is used, which is a secure authentication that doesn’t require a password.

Although it can be costly, Rose highly recommends investing in a virtual private network (VPN), which hides the IP address to further safeguard a farm’s internet system.

“A VPN is especially important when traveling because AI agents are scraping every bit of public information about you, your family and your organization,” said Rose. “It’s being archived whether it’s useful or not. Anything you don’t want as part of an AI large language model should be private.”

A large language model is a type of AI designed to understand, generate and summarize human-like text by analyzing vast datasets using deep learning such as Gemini and ChatGPT.

Rose cautioned people to resist scanning QR codes in restaurants such as those found on menus. “A keystroke monitor or some other malware might be inserted into your device,” he said. “I never scan a QR code unless I am 1,000% certain of the person who is giving it to me and the place it’s supposed to go. I would rather be safe than sorry.”

Other ways to ensure cyber infrastructure safety include keeping an inventory of every device on the farm that uses the internet, including all cell phones. Make sure anything critical is password protected. Keep passwords safe and know the last time any were changed. Rose also urged farmers to shut down and restart computers daily.

For those who have never been the subject of a ransomware attack, criminals tend to go for the location of backups, which they can then disable; and where insurance documents are in the event the business has cyberinsurance that might pay ransom.

“They go in and hope they find insurance,” said Rose. “If they do, now they know how much the insurance company is willing to pay on your behalf to unlock your system. The customer service representative will contact you and say ‘Please put us in touch with your insurance agency,’ who will negotiate. They might talk them down from 3 bitcoin to 2.5 bitcoin and the check will be paid. If you want to break that chain, take insurance documents off your computer hard drive and keep them on a USB. Make sure there’s air between those documents and your computer so criminals can’t get in and begin negotiations.”

Rose provided some suggestions to safeguard the farm, beginning with turning off cell phones and restarting them daily. This ensures the latest security updates will be installed upon restart. The phone being “asleep” as it’s being recharged overnight is not the same as turning it off.

Regarding passwords, it’s best to not use the same password on more than two websites, but not because a thief can hack your password. “They break into a website and pull out all the usernames and passwords,” he said. “Then they program their AI agents to go to every website on the planet, plug in the email address and password combination into every website, find all the open doors and go that way. If you use different passwords for different websites, you will be at least a little safer from that.”

Rose spoke with a farmer who had an intrusion that came in through his home router, which was also his business router, in a ransomware attack. From the business, the intrusion went to his restaurants. The farmer paid the ransom, then six months later there was another attack. This happened because there was a shared router. Rose strongly recommends separate routers for farmers who have internet for home and business tied together.

To keep employees ahead of potential attacks, Rose suggested that dairies that host regular staff meetings include a business continuity exercise around the internet becoming “bricked” (rendered inoperable). Questions to address include how long the farm can operate, how it will operate and what employees need to take care of.

Monthly meetings where cybersecurity is discussed should include employees and others who attend regular farm meetings. Rose suggested inviting law enforcement to such meetings.

“There’s a thirst for information about these businesses,” he said. “Law enforcement doesn’t often get to come onto a farm or ranch and understand what it looks like. If something happens, it’s good for them to know where to come in, where to find someone. Bring the nutritionist in – ration software might be locked up behind an IT wall.”

AI is manipulating what people see and building networks of synthetic human beings and synthetic companies. “They are becoming more sophisticated,” Rose said, “and they will be indistinguishable in a digital world.”

If you suspect internet crime, contact the official U.S. government site for internet crime at ic3.gov.

by Sally Colby