While precision agriculture technology (aka smart farming) reduces farming costs and increases crop yields, farmers need to be aware of and understand the associated cyber risks to their data and ensure that companies entrusted to manage their data, including digital management tool and application developers and cloud service providers, develop adequate cybersecurity and breach response plans.
Threat
The FBI and USDA assess the farming industry’s growing adoption of precision agriculture technology may increase cyber targeting activity against the FA Sector with the intent to steal farm-level data in bulk. A recent example of government-authorized big data analytics demonstrates the value of aggregating farm-level data to track and even anticipate crop availability and pricing. Similarly, criminals could aggregate stolen data or steal analyzed data to exploit U.S. agriculture resources and market trends.
The Wall Street Journal in March 2014 reported concerns that the FA Sector will face increased cyber targeting with the growing adoption of equipment and services that collect and analyze farm-level data, including information about soil content and past crop yields, as well as planting recommendations (i.e., precision agriculture).
On Jan. 27, 2016, the USDA announced the winners of a contest in which Microsoft hosted a century of public climate and crop data for competitors worldwide to design data visualization tools for farmers. For example, the winning tool allows users to follow trends in local crop availability and prices. The intent of the contest was to explore how to render big data in agriculture into a tool that allows farmers to make sustainable decisions that have an impact on food supply.
Other potential cyber risks to farm-level data
In addition to theft, farm-level data may also be vulnerable to ransomware and data destruction. Ransomware has become a significant threat to U.S. businesses and individuals. Perpetrators use ransomware to encrypt a user’s important files, rendering them unreadable until a ransom is paid. Hacktivists may also destroy data to protest, for example, the use of genetically modified organisms (GMOs) or pesticides.
The single most important protection measure against these threats is to implement a robust data backup and recovery plan. Backups should be maintained in a separate and secure location so that malicious actors cannot readily access them from local networks.
—From Federal Bureau of Investigation news release