Cyberthreats are a growing risk to Australian agriculture

Posted on

One of the biggest banes of agriculture isn’t unpredictable weather patterns of droughts and flooding rains, too few harvest workers, rising costs, or the shrinking prices grocery chains pay your business. It’s cyber threats.

Cybersecurity is a significant and growing threat to the Australian agricultural industry. The sector was the sixth most likely to record a data breach last year. Common attacks are data breaches, ransomware, phishing, scam emails, and malware.

Last year ransomware stopped Australian wool sales and, for Lion Dairy & Drinks, milk deliveries. In May, a cyberattack on global meat processor, JBS, sent home thousands of workers in its 47 facilities across Australia. REvil, the Russian group behind the attack, has said they’ll continue to target the agricultural sector and its supply chains.

Cyberattacks and data breaches can cost businesses thousands of dollars through:

  • Regulator fines for privacy breaches
  • Extortion
  • Customers’ or employees’ legal action when their personal information is breached
  • Customer notification costs
  • Diminishing trust from suppliers
  • Remediation and reputational repair.

Those costs can also arise from accidental breaches, such as a worker attaching an incorrect file on an email or using a copyrighted image on your marketing material or website.

Why is agricultural cyber fragile?

Cybercriminals exploit the fact that the Australian agricultural sector is diverse, spanning small to global enterprises. This means varying levels of IT understanding. The sector is experiencing a surge in technology investment, but paying less attention to cybersecurity. Payment portals and computerised agricultural machinery, such as precision ag, offer cyberhackers opportunities to access financial and personal information. Also vulnerable are business data, production systems, and intellectual property as well as:

  • GPS connected to tractors or for soil sampling
  • Remote sensing technology
  • Radiofrequency identification tags
  • Drones, robotics and autonomous machinery
  • Variable dosage rate technology (for seeding, fertilising, herbicides, etc.)

Research shows most farmers aren’t clear about the terms governing ownership, use, and access to their farm data. So, that opens up issues of portability, privacy, trust, distribution costs, and liability between technology providers and farmers.

A nationwide approach to tackling the issue involves industry group AgriFutures Australia and global cybersecurity experts, BDO Australia, and rural research and development corporations. The project’s survey of more than 1,000 agricultural operators recently found they were underprepared for cyberattacks. Many farmers underestimated their supply chain data breach risks, focusing their security efforts instead on activists and competitors.

Managing your risk profile

Just one in six operators said they had a cybersecurity incident response plan. Many said they didn’t know where to go for help after a cyberattack, the survey found.

As an agricultural business owner, consider examining who is in your supply chain to better understand and manage your risks. Think how you would handle it if an invoice were intercepted, your cloud-controlled water system goes offline, or your whole IT system is held to ransom(ware). Developing cybersecurity processes and keeping them updated means you’re always ready to deal with an incident.

Some agricultural enterprises are looking to reduce their risks by investing in a blockchain-based solution, which is harder to hack. It’s being used to solve product wastage, enhance supply chain visibility and management, better plan and carry out harvesting and storage as well as reduce food fraud. Blockchain technology helps make your supply chains and logistics data more traceable in real-time. AgriDigital is an Australian company that does this to track produce across the grain supply chain.

Professional services firm, Deloitte, says blockchain for agriculture offers:

  • Trustworthy peer-to-peer interactions
  • A full audit trail of data to help with record keeping
  • Proof of the provenance of a product to beat food fraud
  • Timestamped and tamper-proof transactions so better data integrity
  • Smart contracts to track data in near real-time.

Whether or not blockchain is on the cards for your agricultural business, you’ll need to protect yourself from the risk of cybersecurity incidents. Talk to us about customising cyberinsurance for your operations to cover for:

  • Breach of your statutory duties
  • Fines and penalties from a privacy breach
  • Your investigation and defence costs arising from a cyberattack
  • Liability following malware or a hacker attack
  • Business interruption that arises from a cyber event
  • Mediation and negotiation costs involving extortion
  • Damage to or loss of your information technology data, records, and systems
  • Brand personal reputational damage
  • Trademark and copyright infringement.

As well, some policies offer access to around-the-clock cyber expertise to guide you from when you detect the breach to the resolution.