Last Thursday, Federated Co-operatives Ltd. posted on X that it was “experiencing a cybersecurity incident” that was affecting some internal and customer-facing systems at cardlock and retail Co-op locations. It had shut down some systems as a precaution and had brought in experts, the company added.

Gas bars were relatively unaffected.

Some Co-op grocery inventories were affected by the incident.

“We are prioritizing key grocery items and consumer goods for delivery to local Co-ops,” Federated Co-op said on X yesterday.

There is no evidence customer data has been compromised, the company said.

The post Federated Co-op cardlocks “fully operational” company says appeared first on Manitoba Co-operator.

Brian Osterndorff, chair of the board of the Canadian Equipment Dealers Association, and president and CEO of Robert’s Farm Equipment, a seven-store group in Ontario, said on June 26 that they had just been informed that they could use the system again.

Tech firm CDK’s software was taken offline last week after a cyberattack by the BlackSuit ransomware group. CDK is being asked to pay tens of millions of dollars by the hackers. Reuters reported yesterday that the company expected dealers to be offline until at least June 30, but some dealers had functionality returned on June 26.

CDK provides business management software to dealers of all makes of farm equipment, so major dealers of John Deere, CNH and are working without digital systems across the country. CDK is also the leading provider of management software to automobile dealers and thousands of those dealerships are offline.

CDK says it has 15,000 North American dealers on its system.

Wawanesa, Man. farmer Jeff Elder said he was able to get what he needed on a recent parts run to the Rocky Mountain Equipment dealership in Brandon, however staff were relying on memory to find parts or looking them up on their phones.

“They had resorted to writing down orders on paper,” said Elder via text. “He couldn’t invoice me and said I would receive an invoice by email whenever they could get that done.”

Rocky Mountain Equipment declined to comment.

“Everything is being done manually,” said John Schmeiser, President of the North American Equipment Dealers Association (NAEDA) Canada. “You can just imagine the amount of time that our dealerships are spending on manual processes.”

Parts are tracked and managed through digital inventory systems.

“We have to actually know where the part is, in, in a bin, to go out and find it and fulfill that customer’s order without using our computer system to tell us where it is or how many that we have on order.”

Invoicing also has to be manual, said Schmeiser.

Osterndorff said that looking up parts, connecting parts to work orders and completing sales couldn’t be accomplished using their digital system and staff had to do the work manually.

Farmers are spraying and preparing combines for harvest so dealers continue to work as best they can.

“We can’t shut down the business, we have to take care of the customer,” Schmeiser said. “Dealers are really managing through this as best as they possibly can.”

Osterndorff says they have a team of people coming to dig out from the past week’s paperwork and get that information into the digital system.

He says they’ve learned that dealerships can continue to function, “but I think it’s just increased awareness right now of the vulnerability that we all are all have, and the effect that it has in our business.”

Schmeiser said the situation will be a wake-up call for the industry and will place even more emphasis on cyber security.

“I think as an industry as a whole, this whole situation is going to be looked at, at every sector, from the manufacturer point of view and the equipment dealer,” he said.

“We’re asking our customers or farm customers to be a little bit patient with our dealers, as we work through this problem. This is this is an issue that is not only frustrating for our equipment dealers, but can be frustrating for our customers as well.”

—Updated June 27 – adds John Schmeiser’s title, organization.

The post Some farm dealerships back online after cyber attack appeared first on Manitoba Co-operator.

The company on Thursday released that estimate as part of its fourth-quarter financial report, in which it booked a Q4 net loss of $41.49 million on $1.186 billion in sales and a full-year net loss of $311.89 million on $4.739 billion in sales.

During its fourth quarter, on Nov. 6, 2022, Mississauga-based Maple Leaf confirmed it was hit with a “system outage stemming from a cybersecurity incident.”

In Thursday’s report, the company reiterated it “took immediate action and engaged cybersecurity and recovery experts” upon learning of the attack, and “executed its business continuity plans” as it restored affected systems.

Maple Leaf said it was able to maintain operations throughout the event and work with customers and suppliers to “minimize service disruptions,” but nevertheless, its “normal business activities were interrupted.”

With that came the expenses of “system restoration costs, lost sales, overtime, spoiled inventory” and professional fees paid to its experts, the company said.

The company on Thursday estimated fourth-quarter “direct and indirect economic impact” of “at least” $23 million relating to the incident.

Maple Leaf also said it expects to recover some of those costs through related insurance payouts later in 2023. CEO Michael McCain said those amounts can’t yet be booked into the company’s financial results but the company is “very confident” it will be able to recoup some of those costs.

Asked Thursday about the nature of the cybersecurity attack, a company spokesperson said via email the attackers in this case “did try to extort a ransom from us and we refused to pay.”

Maple Leaf in November reported “operational and service disruptions that vary by business unit, plant and site.”

The company’s operations in Canada include hog slaughter plants at Brandon, Man. and Lethbridge, Alta.; five fresh poultry plants in Ontario and one at Edmonton; hatcheries in Ontario and Alberta; five feed mills in Manitoba; and pork and poultry further-processing sites in five provinces. The company recently opened a major new poultry plant at London, Ont.

As for its livestock production, “our farms have adjusted their practices due to the system outage, and we feel confident in our ability to care for our animals and meet their needs,” Maple Leaf said at the time.

On a call with market analysts Thursday, McCain said the $23 million estimate reflects a combination of “incremental” costs incurred as a result of the company’s “entire team” shifting its focus to deal with the incident.

Within less than 48 hours of the attack being discovered, he said, staff were able to shift operations to “fully manual… essentially paper-and-pencil” while company information systems were cleaned and rebooted.

While the company didn’t use the word in its report, the nature of the attack points to ransomware — a form of malware that either encrypts a targeted computer system’s files, rendering them unusable, or removes a system’s sensitive data.

A ransom, usually payable in cryptocurrency, is then demanded of the system’s owner, in exchange for a decryption key or the missing data.

Maple Leaf’s outage isn’t the first ransomware attack in Canada’s meat packing sector. Canadian operations of Brazilian meat packer JBS briefly halted in the summer of 2021 when that company’s U.S. arm was hit by what was later confirmed to be a ransomware attack.

However, where Maple Leaf says it refused to pay, the CEO of JBS USA later confirmed the company did pay a cryptocurrency ransom equivalent to about US$11 million.

Andre Nogueira was quoted by Reuters at the time as saying “we felt this decision had to be made to prevent any potential risk for our customers.” — Glacier FarmMedia Network

The post Cyberattack a $23 million hit on Maple Leaf ledger appeared first on Manitoba Co-operator.

The company said in a release Monday that it “took immediate action and engaged cybersecurity and recovery experts” when it learned of the problem, and its in-house and third-party experts are investigating.

A company representative said separately via email Monday that the incident has caused “operational and service disruptions that vary by business unit, plant and site” but didn’t specify which facilities were or are affected or how.

Mississauga-based Maple Leaf’s operations in Canada include hog slaughter plants at Brandon, Man. and Lethbridge, Alta.; five fresh poultry plants in Ontario and one at Edmonton; hatcheries in Ontario and Alberta; five feed mills in Manitoba; and pork and poultry further-processing sites in five provinces. The company in late September also announced it had completed construction work on a major new poultry plant at London, Ont.

“Our farms have adjusted their practices due to the system outage, and we feel confident in our ability to care for our animals and meet their needs,” Maple Leaf said via email.

Asked Monday about the nature of the incident — a ransomware attack or computer virus, for example — Maple Leaf wouldn’t specify, but said via email it’s “deploying our business continuity plan and implementing workarounds to mitigate the impact on our operations and business.”

Meanwhile, it said it “expect(s) some disruption in our operations and service levels” as it works on “restoring business continuity.”

In its release, it said it “will continue to work with all its customers and suppliers to minimize these disruptions.”

Maple Leaf’s systems outage isn’t the first cybersecurity breach to affect Canada’s meat packing sector. Canadian operations of Brazilian meat packer JBS briefly halted last summer when that company’s U.S. arm was hit by what was later confirmed to be a ransomware attack.

Elsewhere in Canada, major grocery firm Empire Co., whose retail chains include Sobeys, Safeway, IGA and FreshCo among others, also announced Monday its operations have been affected by an unspecified “IT systems issue.”

Empire said in a release its grocery stores remain open as usual and aren’t yet seeing “significant disruptions,” except that some in-store services are “functioning intermittently or with a delay” and some in-store pharmacies are “experiencing technical difficulties in fulfilling prescriptions.” — Glacier FarmMedia Network

The post Cybersecurity ‘incident’ hits Maple Leaf systems appeared first on Manitoba Co-operator.

The Brazilian meatpacker’s arm in the United States and Pilgrim’s Pride, a U.S. chicken company mostly owned by JBS, lost less than one day’s worth of food production following the hack, according to a statement. It said the losses will be recovered by the end of next week.

JBS has recovered faster than some meat buyers and market analysts expected from Sunday’s ransomware attack, which the White House linked to a Russia-based group.

The attack followed one last month by a group with ties to Russia on Colonial Pipeline, which crippled fuel delivery for several days in the U.S. Southeast.

JBS voluntarily shut down all its systems to isolate the intrusion upon learning of the attack, which failed to infect encrypted backup servers, according to the statement.

“The criminals were never able to access our core systems, which greatly reduced potential impact,” said Andre Nogueira, chief executive of JBS USA.

U.S. beef prices initially jumped as the attack tightened supplies. However, American consumers should not see a lasting impact on prices “if the situation continues to resolve quickly,” a U.S. Department of Agriculture official said.

“The market is moving toward normalization,” the official said.

JBS on Tuesday halted cattle slaughtering at its U.S. plants, which process nearly a quarter of America’s beef, according to union officials.

The company’s Canadian beef slaughter plant at Brooks, Alta., also part of the JBS USA unit, reported cancelling shifts Monday and Tuesday but resumed production Tuesday.

By Thursday, the number of cattle slaughtered by U.S. processors including JBS was up 27 per cent from Tuesday and 14 per cent from Wednesday, according to USDA estimates.

Last year, the U.S. meat supply chain buckled as COVID-19 outbreaks closed slaughterhouses, reducing production and raising prices.

“We need to invest in a food system that is durable, distributed and better equipped to withstand 21st century challenges, including cybersecurity threats and other disruptions,” the USDA official said.

— Reporting for Reuters by Tom Polansek in Chicago and Siddharth Cavale in Bangalore. Includes files from Glacier FarmMedia Network staff.

The post JBS says all facilities operating after weekend cyberattack appeared first on Manitoba Co-operator.

A notorious Russia-linked hacking group is behind the cyberattack against JBS, a source familiar with the matter said.

Brazil’s JBS controls about 20 per cent of the slaughtering capacity for U.S. cattle and hogs, so the plants’ reopening should prevent a severe supply-chain disruption.

JBS, the world’s largest meatpacker, said most operations resumed on Wednesday, “including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the U.S. and Australia.”

“We anticipate operating at close to full capacity across our global operations tomorrow,” JBS USA CEO Andre Nogueira said in a statement.

The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast.

It is the third major attack this year tied to Russia, and White House press secretary Jen Psaki said on Wednesday the JBS hack was expected to be discussed at President Joe Biden’s mid-June summit with Russian President Vladimir Putin.

“We’re not taking any options off the table in terms of how we may respond, but of course there’s an internal policy review process to consider that. We’re in direct touch with the Russians, as well, to convey our concerns about these reports,” Psaki added.

“President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks.”

The Russia-linked cyber gang goes by the name REvil and Sodinokibi, the source said.

Cybersecurity investigators have said they believe some members of the REvil ransomware team are based in Russia. The prolific ransomware group, perhaps best known for attacking an Apple Inc. supplier named Quanta Computer earlier this year, previously posted in Russian on cyber-crime forums, marketing stolen data.

In the Quanta Computer case, the hackers sent extortion threats and demanded a payment of US$50 million for the company to regain access to its systems.

Over the past few years, ransomware has evolved into a pressing national security issue. A number of gangs, many of them Russian speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.

Scrambling for beef

With North American operations headquartered at Greeley, Colorado, JBS sells beef and pork under the Swift brand, with retailers such as Costco carrying its pork loins and tenderloins.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses have confronted a labor shortage since COVID-19 outbreaks shut down many U.S. meat plants.

“It’s probably going to be pretty tight for the next few days because even though they (JBS) are going to start opening … who knows how they are going to run,” said Altin Kalo, economist at Steiner Consulting Group. “There’s a fair amount of people that are scrambling (for beef supplies).”

U.S. meatpackers on Wednesday slaughtered 12.5 per cent fewer cattle than a week earlier and eight per cent less than a year earlier, although slaughtering was up about 12 per cent from Tuesday, according to estimates from the U.S. Department of Agriculture.

Plants are expected to return to full capacity in the next couple days, said officials with the United Food and Commercial Workers (UFCW) International Union, which represents over 25,000 JBS meatpacking workers.

JBS also owns most of chicken processor Pilgrim’s Pride, which sells organic chicken under the Just Bare brand.

The company’s operations in Brazil, Mexico and the U.K. were not affected by the attack, JBS said.

Chicago Mercantile Exchange (CME) cattle futures rose on Wednesday after tumbling on Tuesday as the JBS plant shutdowns prevented farmers from delivering their cattle to slaughter plants.

The attack drew attention to the concentrated beef sector in the United States, where four companies including JBS slaughter over 80 per cent of fed cattle and shutdowns of slaughtering plants have a severe impact on prices that ranchers are paid for their cattle.

“The Justice Department needs to take a serious look into the meatpacking industry, and if they cannot, Congress needs to pass reforms that protect a fair and open cattle market,” U.S. senators led by Republican Mike Rounds of South Dakota and Democrat Tina Smith of Minnesota wrote in a letter to Attorney General Merrick Garland.

— Reporting for Reuters by Tom Polansek and Julie Ingwersen in Chicago and Nandita Bose in Washington, D.C.

The post JBS plants reopen as White House blames Russia over hack appeared first on Manitoba Co-operator.

Brazil’s JBS told the U.S. government that a ransomware attack on the company originated from a criminal organization likely based in Russia, according to the White House.

It is not known when JBS will resolve the cyberattack and resume operations at U.S. plants. The disruption quickly affected the beef market, industry analysts said.

JBS and three other beef packers in the U.S. account for the purchase and slaughter of about 85 per cent of all fed cattle.

CME August live cattle futures ended down two cents at 116.6 cents/lb. and hit their lowest price since Jan. 12 (all figures US$). August feeder cattle touched its lowest price since May 7 and closed 2.2 cents weaker at 149.15 cents/lb.

Prices for choice cuts of beef shipped to wholesale buyers in large boxes jumped $3.59, to $334.56 per hundredweight, according to the U.S. Department of Agriculture. Prices for select cuts climbed $5.55, to $306.45/cwt.

U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to USDA estimates. Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and seven per cent from a year ago.

The cyberattacks frustrated livestock producers, who are unable to deliver cattle and hogs that are ready for slaughter to JBS plants while they are closed.

Before the hack, cattle feeders complained about missing out on huge profit margins enjoyed by beef processors like JBS.

Last year, cattle and hog farmers suffered as COVID-19 outbreaks temporarily closed slaughterhouses, backing up livestock on farms and in feed lots.

In the pork market, CME July lean hog futures set a contract high and ended up 0.3 cent at 119.65 cents/lb.

— Tom Polansek reports on agriculture and ag commodities for Reuters from Chicago.

The post U.S. livestock: Cattle futures fall on cyberattack at JBS appeared first on Manitoba Co-operator.

JBS is the world’s largest meatpacker and the cyberattack caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several U.S. states plus at least one in Canada.

The attack follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. Southeast.

White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia’s government about the matter and that the FBI is investigating.

“The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day,” Jean-Pierre said.

“JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” Jean-Pierre added.

JBS sells beef and pork under the Swift brand, with retailers such as Costco carrying its pork loins and tenderloins. JBS also owns most of chicken processor Pilgrim’s Pride, which sells organic chicken under the Just Bare brand.

If the outages continue, U.S. consumers could see higher meat prices during summer grilling season and meat exports could be disrupted at a time of strong demand from China.

The disruption has already had an impact, industry analysts said. U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to estimates from the U.S. Department of Agriculture. Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and seven per cent from a year ago.

Prices for choice cuts of U.S. beef shipped to wholesale buyers in large boxes jumped $3.59, to $334.56 per hundredweight, USDA said (all figures US$). Prices for select cuts climbed $5.55, to $306.45/cwt.

The USDA, Department of Homeland Security and other agencies are closely monitoring the meat and poultry supply, a White House official said. The agencies are also working with agricultural processors to ensure products move efficiently and that no price manipulation occurs as a result of the cyberattack, the official said.

Affected systems suspended

JBS said it suspended all affected systems and notified authorities. It said its backup servers were not affected. A company representative in Sao Paulo said there was no impact on Brazilian operations.

The company said Sunday’s cyberattack affected its North American and Australian IT systems and “resolution of the incident will take time, which may delay certain transactions with customers and suppliers.”

JBS, with North American operations headquartered at Greeley, Colorado, controls about 20 per cent of the slaughtering capacity for U.S. cattle and hogs, according to industry estimates.

“The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments,” said threat researcher John Hultquist with security company FireEye.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers. Any further impact on consumers will depend on how long production is down, market analysts said.

“If it goes on a week or longer, you’ve got a major problem,” said Dennis Smith, broker for Archer Financial Services in Chicago.

Two kill and fabrication shifts were canceled at JBS’s beef plant at Greeley after the cyberattack, representatives of the United Food and Commercial Workers (UFCW) International Union Local 7 said in an email. JBS Beef in Cactus, Texas, also said on Facebook it would not run on Tuesday.

UFCW urged JBS to ensure workers receive their contractually guaranteed pay during the shutdowns.

JBS Canada said in a Facebook post that shifts had been canceled at its plant at Brooks, Alta., on Monday and one shift so far had been canceled on Tuesday. JBS’s Canadian assets also include case-ready meat processing plants at Calgary and at Belleville, Ont.

The United States Cattlemen’s Association, a beef industry group, said on Twitter that it had reports of JBS redirecting livestock haulers who arrived at plants with animals ready for slaughter.

Last year, cattle and hogs backed up on U.S. farms and some animals were euthanized when meat plants were shut during coronavirus outbreaks among workers.

A JBS beef plant in Grand Island, Nebraska, said only workers in maintenance and shipping were scheduled to work on Tuesday.

Over the past few years, ransomware has evolved from one of many cybersecurity threats to a pressing national security issue. A number of gangs, many of them Russian-speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.

Canadian federal officials in March announced funding for an initiative to promote and improve cybersecurity in the agriculture industry.

That funding, part of a larger national cybersecurity co-operation program, was expected to help close “critical gaps” in the sector.

— Reporting for Reuters by Caroline Stauffer, Tom Polansek and Mark Weinraub; additional reporting by Jeff Mason, Trevor Hunnicutt, Ana Mano and Joe Menn.

The post Ransomware attack on JBS halts Canadian, U.S. slaughter appeared first on Manitoba Co-operator.

That means that agriculture is well behind other important sectors of the economy in protecting its computer networks, says a cybersecurity researcher.

It’s a reality that has hit home for one Eastern Canada’s agro-retail and agronomic service providers. The Agromart Group, based near London, Ont., found itself the victim of a recent cyberattack when a hacking group locked down parts of its computer system, eventually leading to personal information of farmers being posted for auction after the company refused to pay a ransom.

Why it matters: Data thieves are increasingly seeing agriculture as an opportunity area as more individual data collection sources show up on farms.

Eric Allaer, who farms in southwestern Ontario, was one of those farmers. His information was posted to the internet by the hacker group Revil after it compromised the computer systems of the Agromart Group in late May.

After the system was locked and Agromart refused to pay a ransom, the hackers then decided to auction off the data to the highest bidder.

“Hackers were asking for money to get our data back. The decision was made not to pay in according to our values and authorities’ recommendations,” David Brand, Agromart’s general manager, said via email.

Brand says the data breach was contained to Agromart and didn’t affect any other connected businesses, such as its parent company Sollio.

Agromart was able to continue business operations, he said, although it operated “manually” for a while and he expects, “the situation will be back to normal shortly.”

Revil tried to sell the data on the dark web – a part of the internet not accessible by search engines and where business is conducted anonymously.

Revil posted some examples from the data it stole, including a mostly redacted credit application from Eric Allaer’s farm in the south end of Lambton County. The Agromart breach was widely reported by cybersecurity blogs and publications that monitor hacking and the dark web and some of them posted some of the example documents.

Putting up data for auction is a new tactic for groups like Revil, which is why it was covered by the cybersecurity press.

Brand says Agromart customers were contacted about the data breach and have been offered a year of monitoring of credit from Equifax at no cost. The company also created an Equifax hotline for customers with any questions.

Allaer says he was quickly contacted by his local Southwest Agromart. They met with him and signed him up for the year of Equifax monitoring.

Not a top-of-mind concern

Ali Dehghantanha, director of the Cyber Science Lab at the University of Guelph’s School of Computer Science, says farmers aren’t paying much attention to cybersecurity.

“I’ve talked with many farmers, very large farmers, who think that their internet service provider is responsible for security. They think that because they are a farmer in rural Canada, no one is attacking them,” he said.

Dehghantanha pointed to a survey of about 100 Canadian farmers, looking at their cybersecurity preparations. The study showed that most of the farmers weren’t willing to spend the money to install anti-virus software on their computer systems after a free trial had ended.

“That’s quite disappointing and quite dangerous,” Dehghantanha said. “Compared to other sectors like the financial sector, the level and state of cybersecurity in agriculture is way behind.”

That compares to a similar study in the Netherlands, where farmers were much more aware of computer hacking threats, possibly because of greater proximity to Russia where many of the threats originate.

It also contrasts with the financial and utilities sectors, where larger organizations have been active in creating standards for individual businesses and organizations to follow relating to cybersecurity, Dehghantanha said. Agriculture, meanwhile, still needs a sector organization to take the lead in developing those best practices, he argued.

Steve Brown, senior project manager for cybersecurity practice at BDO, says that there are three areas to consider when looking at small and medium-size business: people, process and technology.

Have staff been trained, updated regularly and do they understand high-risk data behaviour? Does the business have policies that are documented and can be referred to when a situation arises? Have they been reviewed and updated?

There may be data security technology that farmers and farm businesses can use, starting with antivirus software and moving to third-party monitoring of systems, Brown said. If the people and processes aren’t there, however, he added, technology will not solve the problem.

Pandemic increases risk

The COVID-19 pandemic, with its sudden surge of people working away from their corporate cybersecurity in favour of home offices, opened opportunity for hackers, Dehghantanha said. Less-protected home networks can give hackers an easier route to computer systems, he noted, while a greater mix of personal computing and business computing on the same machines can also ease the way for hackers.

If a worker is using a work laptop for personal email and they accidentally open an email from a hacker, that action could compromise not only their personal data, but also corporate data.

Mark Sangster, vice-president and industry security strategist at eSentire, an Ontario cybersecurity company, says the pandemic shifted thinking about cybersecurity from being iron clad in buildings where data could be protected, and quickly moved it outside. He doesn’t expect that data management will go back to being centralized.

In many ways, farmers have always worked like many people are working now – from home and on decentralized systems that are used for business and personal information.

Sangster says that manufacturing became a target for hackers when they realized that a great number of individual machines were connected to the internet. The same is now true of farms and agriculture companies.

“Farming and agro have been under their radar,” he said.

That’s changing, however. Earlier this year, the Talman Software hack in Australia shut down the wool trade, valued at $80 million per week. Talman Software is used to trade over 70 per cent of the wool in Australia and New Zealand.

“One thing I’ve said to farmers, if you make money and you can pay them, hackers will be interested in you,” Dehghantanha said.

Both Sangster and Dehghantanha say that as countries increase their aggressive cyber activities towards other countries, the food system would make an effective target. They could take control of systems and only use them when they want to create disorder. Think about the potential for closing down barn ventilation systems, Dehghantanha said.

Operations versus IT

The growth in connected devices is driving a larger shift to decentralized computer security. That means the end point, or the device has to be secure.

Those devices are often in the trenches, working with farmers in fields and barns, far away from cybersecurity experts.

That’s a challenge, says Sangster, as the people working with the device don’t have data security expertise, and the information technology people don’t understand what happens in day-to-day use of the device. It’s important to take the steps to bring both worlds together, he said.

Remember that hackers don’t have some giant computer bomb they send out to everyone and suck back in the data. Sangster says cybersecurity is all about, “hands on keyboards.” The hackers get their information because someone has made a slip and given them a route into the system.

Unfortunately, that’s a scenario Allaer knows too well and had gone through before the Agromart Group attack. A scam email that looked like it came from a bank resulted in the theft of money from the farm. Information was passed on to thieves.

“A substantial amount of money was taken out of one of our bank accounts. It opened our eyes,” he says.

At the farm level, Allaer’s office staff is vigilant about any emails that are out of the ordinary and his bank has been informed. Now some of his personal information has been made public due to the Revil hack.

“There’s always a fear that something could happen,” he said. “The fact that Southwest (Agromart) came forward right away said, ‘This is where we’re at with Equifax,’ they’re keeping an eye on it, the RCMP is involved in it and also a government ministry that deals with these things, so I kind of feel a comfort in all that.”

While the Agromart data breach has been a challenge for the company, Brand says that, “We are extremely far from high-profile cases which happen, sadly, too often in Canada. The investigation is well advanced, and we are confident that the scope of the event is minor.”

Good data hygiene

Almost everyone has raised their personal hygiene level during the pandemic with more handwashing and use of sanitizers. It could be time to increase data hygiene too.

Ali Dehghantanha, director of the Cyber Science Lab at the University of Guelph’s School of Computer Science, has several simple rules to reduce risk of losing data to hacking:

Passwords should not be shared among multiple accounts.

Having only one account to log on to a machine and many users who know the password is a risk. This is a particular challenge with on-farm system logins shared among family members and employees.

Change passwords every three months.

Use antivirus software and personal firewalls.

Push third-party providers about their cybersecurity and question them about their liability if their systems are breached.

Farmers now have numerous devices collecting data, both personal and for the farm. How is the data from those devices protected?

“Farmers have to have enough cybersecurity at their own premise.” Talk to cybersecurity experts and to system vendors in order to identify preliminary security gaps in day-to-day operations.

If there’s any sort of a breach, get credentials and passwords changed. Dehghantanha says that even after a known breach, it can take three months before people get around to revising their passwords.

– This article was originally published in Farmtario.

The post Data hackers coming to a farm near you appeared first on Manitoba Co-operator.