Older farm technology may risk hacker attack

Out-of-date internet-connected systems can be a cybersecurity vulnerability on many Prairie farms, allowing hackers in

Published: 5 hours ago

Most people imagine cybersecurity breaches as malware, phishing, financials or websites being held hostage, or personal data getting stolen. For one Canadian farm, though, digital vulnerability recently risked some very real-world impacts.

A grain drying system was on the list in late October when the RCMP reported a string of incidents where internet-accessible control systems had been hacked.

In one case, water pressure values were tampered with at a community water facility, an Oct. 29 release noted. False alarms plagued an oil and gas company after hackers got access to an automated tank gauge. In the case of the farm, temperature and humidity levels were altered — a potentially dangerous prospect when it comes to grain dryers.

WHY IT MATTERS: Grain dryer settings are carefully controlled to reduce the risks of a dryer fire.

Ottawa warned that many of these systems in use on farms are old and have outdated security features, which allows hackers to gain access to them and then into other programs controlled by the same device.

Hacks have taken various forms, from malicious damage to ransomware attacks.

According to a 2024 survey by MNP, farms may be particularly vulnerable to these types of attacks, with hackers targeting the various internet-accessible control systems used, such as grain bin monitoring or automated dairy barn systems. Adding to that vulnerability, the survey found 80 per cent of the 541 farms in the study had no security plan in place.

“(Farmers) are rapidly modernizing things with connected tractors and remote sensors with everything automated, like watering bowls and grain dryers,” says Tyler Moffitt, senior security analyst at OpenText Cybersecurity.

“The problem with many of these systems is they were never designed to be connected to the internet. They’re decades old, designed to last 20 years and not fend off modern tactics and modern criminals.

“Hackers, whether it’s for money or activism, know this and they probe for misconfigured or unauthenticated access every day. That’s usually how they get in.”

A farm can have several independent system controls, all connected through internet access. The older control systems weren’t designed to meet today’s online security challenges. Photo: OpenText Cybersecurity
That means these older control systems provide an easy gateway into a farm’s digital system. Once in, hackers can then infiltrate other programs and software.

“Hackers don’t struggle,” he adds.

“They have no problem getting in through these exposed services. A lot of the time it’s weak or absent log-in protection. We see this all the time.”

Big picture problem

Moffitt said the vulnerability of these older control systems is so significant that hackers could disrupt food and agricultural management systems on a national scale.

These kinds of attacks have caused serious damage at chemical plants and other types of industrial operations just by something as simple as disrupting temperature controls, causing explosions or other damage.

Historically, hackers were motivated by activism, such as animal rights groups, but now attacks are primarily motivated by money through ransomware.

“They cut off your (file) access and demand payment to restore them,” says Moffitt.

While paying these extortionists isn’t a guarantee they will restore files and service, Moffitt says most of the time they do.

“The ransom or extortion racket wouldn’t have any credence and no one would pay if they didn’t get operations back,” he says.

“So around 95 per cent (do).”

Anatomy of a hack

Many times these criminal hackers frame it as involuntary security testing, providing a victim with a breakdown of how they got in and what needs to be done to protect from further attacks.

“Which is kind of crazy,” adds Moffitt.

“It’s bottom of the barrel ethics justifying what they did. In the ransom note, they try and phrase it as if they’re doing you a service.”

Many attacks come from groups associated with unfriendly countries, such as Russia and North Korea. The number and co-ordination of attacks on infrastructure tends to increase when hostilities break out, such as the invasion of Ukraine.

After an announcement that Canada was pledging some material support for Ukraine, a railway was attacked by one of these groups.

Major farm equipment manufacturers such as Agco and Lemken have also been victimized.

However, other criminal groups are also engaging in hacks.

Are you at risk?

Moffitt says farmers should consider the older control systems they have to be the most vulnerable.

Passwords and access configurations should never be left as they were when installed with default settings, he says. Hackers can actually look those up and start an attempted hack from there. Despite that, he has found it common for many users to still use default settings, providing hackers an easy entry point.

Segmenting access to different online operations, keeping access to various software separate, such as through a VLAN (virtual local area network), can limit the damage from a hack.

If possible, removing systems from internet access removes the risk of hackers getting in through them.

“Set up secure gateways, rather than open ports,” Moffitt suggests.

“Multi-factor authentication is probably the biggest single thing you can do to stop them.”

That involves authorizing access through two or more ways, such as with an online password verified by a text sent to a cellphone at a predetermined number.

“Identity is the new perimeter,” Moffitt says.

“It’s the new attack (method) criminals are going after.”

About the author

Scott Garvey

Machinery Editor

Senior editor for machinery and equipment at Glacier FarmMedia.
