In May, major American ag equipment manufacturer AGCO revealed it had been targeted by a ransomware attack on its computer systems. In a statement on May 16, the company said its efforts to restore systems and business operations were continuing successfully after the attack, which was discovered on May 5, and all factories and parts operations were expected to be back in operation within a few days.
In case you’re not exactly sure what a ransomware attack is, the U.S. government’s Cybersecurity and Infrastructure Assurance Agency says they are an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand to be paid a ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom isn’t paid.
AGCO certainly isn’t the first major corporation to suffer such an attack as there have been hundreds of reported occurrences. Recent corporate victims include pipelines, car manufacturer Kia and even the National Basketball Association.
Read Also
Case IH, New Holland dealers to see more integration
CNH plans for “more than 15 new tractor launches, 10 combine launches, 19 crop production launches and over 30 precision technology releases between now and the end of 2027.”
Cyberattacks could become your problem too
As today’s producers increasingly use telematics systems offered by equipment brands, any cyberattack on a manufacturer’s system may present a risk to all those who rely on it for their own data collection and access needs. Attacks on equipment brands’ systems could pose a problem for farmers.
All of this has required major ag manufacturers to beef up their cybersecurity efforts. A good example is the Cyber Security Defense Center (CSDC) by John Deere, established six years ago, to protect Deere systems from external threats and cyberattacks. Since then, CSDC staff have had to quickly adapt to changing tactics by cybercriminals.
“We needed to move from secure to resilient,” said Jason Beneke, group engineering manager at the CSDC, in a news release. “To be able to do that, we started with building a team of talented, intelligent engineers and analysts who understood the landscape of threats and could work with partners and industry peers to share intel and best practices. It was also foundational that we use industry-leading technologies to monitor and remediate threats.”
Today, Deere’s CSDC relies on its global team to put security measures in place to protect systems and data. The team guards “the perimeter” of Deere’s systems, looking for clues of malicious activity. The company says aside from dealing with any perceived threats to Deere’s systems, the team also monitors ongoing threats in other industries and uses that information in turn to help protect Deere and, by extension, its data customers as well.
Having to deal with cumbersome computer sign-in protocols and access limitations may be an annoyance for some but having those systems in place is critical for overall system security. By being diligent, everyone who has stored cropping or machine operation telematics data becomes the safer for it.
Anyone with a cellphone has almost certainly been a target of phishing, a tactic that attempts to trick legitimate users into revealing their passwords. And that is one of the key concerns for staff at Deere’s CSDC.
“Identity is really the cornerstone of a digital experience, and our team’s mission is to protect credentials and access,” said Heather Schladt, group engineering manager for identity and access management at Deere, in a news release.
“Credential theft is popular in phishing attempts and social engineering. The combination of using technology, such as multi-factor authentication, for example, and educating our users about these risks, helps us keep our systems and data secure,” she added.
“The team takes a lot of pride in making sure that people who use John Deere systems have the right access, but not more access than they need. It’s a delicate balance between security and usability.”
