Many of today’s farming operations rely on data more than most other small businesses. But what happens if a farm’s data is suddenly lost or compromised? How would that affect operations?
Losing field data maps and other files, not to mention business and employee records, could become a big problem.
In today’s global environment there are more threats to data than ever. One of them is ransomware. That’s when a hacker gains access to a company’s system and encrypts all its files, then demands a ransom before the owner can regain access.
Read Also
Swather-sprayer retrofit a clever solution to winter wheat’s tight planting window
A system to spray pre-seed herbicide at the same time as swathing isn’t just a clever labour-saver, but could help overcome one of the biggest obstacles keeping Prairie farmers out of winter wheat: the timing.
A 2021 survey of 463 Canadian companies conducted by Telus showed 83 per cent reported an attempted ransomware attack. Most of the surveyed companies reported not just one, but multiple attacks. That was three years ago, and things haven’t improved.
The report concluded this is also a problem for small companies. Seventy-one per cent of the companies surveyed working in the agricultural sector reported being attacked, making that group one of the most frequently targeted.
LISTEN: The Cyber-Savvy Farmer
One of the top ways criminals gain access is through fake emails containing dangerous attachments, according to the survey.
“Be very, very careful with email,” agrees cybersecurity expert Brennan Schmidt, a principle of AlEUS Consulting Group. “That’s a popular place this tends to happen — through email.”
Criminals often do research into an organization before targeting it, says the report. That can include learning about who works there and how much money the company could afford to pay as a ransom to have their files restored. So, emails could sound legitimate and even include employee names or familiar information to convince someone to open a file that creates a path into an organization’s data files.
While having backups is an important aspect to protecting files against ransomware attacks, just where and how those files are stored is important.
“In a lot of cases backups are so, so important, especially off-line backups,” says Schmidt. “They’re going to be helpful for getting things restored.
“The thing is these cyber tricksters are very eager to go after backups. If folks have elected to go with a backup on the network. In some cases, they (criminals) will scour the network and make sure to hit the backups too.”
Schmidt says cloud services like Microsoft 365 are a consideration for farm organizations to use for backing up data, because they offer enhanced protection from cyberattacks.
“It’s a lot more difficult to delete or alter. For a farming operation you’d likely want to think about going with something that’s a bit more commercial grade (than iCloud. Especially if you have multiple employees, you don’t want to be using that consumer grade service for that larger scale. There are a whole host of them.”
But even those cloud services aren’t immune from cyberattacks. The number of attacks against them has been on the rise, according to the Telus report.
Because farms often use digital files from other services, like agronomy firms, it’s possible for an attack to come through a vulnerability in their systems.
“When you go with a specific supplier or vendor, you’re really beholden to how well the vendor has designed its systems to be safe,” says Schmidt.
Paying a ransom to a cybercriminal doesn’t guarantee you’ll get your files back. Only 42 per cent of those in the Telus survey who reported being attacked claimed they got all their data back after paying a ransom. Seven per cent didn’t get anything. Over 60 per cent were victimized again.
There are other non-criminal ways to lose data as well, such as a fire in a farm office where a computer and backups are kept, or just a simple computer failure.
Schmidt says there is value in having everyone in the farm organization sit down and discuss how to deal with a loss of data.
“A handful of folks that are part of the same operation get together at the same table to facilitate an exercise where you ask a series of questions, if this was to happen, what do you have in place to respond to that? A lot of times when you do those activities, you find there are a lot of gaps that can be shored up.
“For producers, I think tabletops are a great way to say I have all of this technology here and if it went down, here’s how we would go about doing a backup operation.”
Working to avoid being a victim is the first step to protecting data. Training employees to be suspicious of emails and attachments, as well as using multi-factor authentication for online access are good starting points.
Schmidt adds that keeping some systems separate can be helpful.
“Try to get away from plugging things into networks for them to work. For example, if you have a camera you use to watch cattle or something. It might be better to get that on a separate network
“It really comes down to simple things folks don’t generally tend to do.”
