Today’s agriculture, now described as “precision agriculture,” works far differently than it did a few decades ago. Precision agriculture is possible due to the advancement of technologies such as artificial intelligence (AI), robotics, cloud computing, smart sensors, and actuators.
These are embedded in connected farming technologies and collect large amounts of data from crops and livestock through satellites, drones, sensors, and robots. When integrated into modern farming practices, these technologies can lower costs and improve yields and production.
The agriculture industry consists of many entities, including seed and fertilizer companies, agricultural retailers, farmers and ranchers, agricultural credit institutions, crop consultants, food manufacturers, transportation and logistics companies, and ingredient manufacturers.
The sequence of activities in the production, processing, and delivery of agricultural products from the farm to the end consumer form an intricate supply chain in agriculture.
The connection between agriculture and cybersecurity may be surprising to some, as farming and ranching are not typically perceived as highly technical industries. But today’s agriculture industry faces many cybersecurity threats, just like any other industry, as more sophisticated technologies are used to allow businesses to be more profitable, efficient, and environmentally friendly.
Operational and Information Technologies Converge
Many of these farming technologies, like robots, temperature and moisture sensors, aerial images, and GPS, fall into two broad categories: Operational Technology (OT) and Information Technology (IT). OT includes the hardware and software systems that control and monitor physical devices and processes. IT refers to the use of computers, software, networks, and other technologies that store, retrieve, transmit, and manipulate data and information.
The use of OT and IT improves the productivity and efficiency of agricultural business operations, but the “smart” devices in OT and IT also include software and hardware vulnerabilities. When cybercriminals exploit these vulnerabilities, it interrupts business operations and puts them at risk. If the OT and IT found in the agricultural supply chain are compromised, this can disrupt the supply chain and the huge part agriculture plays in the economy. It is critical for each entity to implement security measures to secure the agriculture supply chain.
Additionally, many farms are in remote rural areas without support from critical infrastructure. Communication networks in agriculture are quite different due to bandwidth, transmission range, and power consumption requirements. Crop input data generated from sensors on Internet of Things (IoT) devices are routed to a data repository via communication networks, and vulnerabilities can be found in hardware, software, communication protocols, and among data consumers, making cybersecurity a true concern in the agricultural sector, with issues including the following:
- Precision agriculture depends on crop input and is data driven. Therefore, data security, including confidentiality, integrity, and availability, is important in precision agriculture but ensuring data security and privacy across all entities in the agriculture supply chain is not an easy task.
- Agriculture outputs are time sensitive. Cybercriminals may target agriculture industries for ransom in harvesting season when crop yield and quality are on the line. The downtime of any information systems and smart technologies in the agriculture sector should be minimized.
- Many stakeholders in the agriculture industry may have limited awareness and understanding of cybersecurity threats. This lack of awareness can make them more susceptible to attacks and less likely to implement proper cybersecurity measures.
- Many studies have been conducted on cybersecurity in IoT, predominantly in enterprise networks. Few studies were conducted on IoT in agriculture, so it is not clear as to the types of data, critical infrastructure, and specific operational security assessment needs in precision agriculture, creating a need for more research in this area.
- Any solutions resolving cybersecurity issues in agriculture should be based on specific threats and attacks targeting the agriculture sector. Like other sectors, vulnerabilities in agricultural IoT need to be studied.
- IoT devices are resource constrained devices. The constraints on IoT devices limit the selection of security mechanisms to ensure data security. Widespread adoption of rural broadband is still a roadblock for connectivity. A lightweight and resource-aware secure communication scheme that is safe in both classical and quantum computing is desired.
Agriculture is a serious potential target for cyber criminals, whose attacks could severely impact America’s agricultural domestic and international output and have significant supply chain implications.
The minute the systems controlling the computing of our tractors, water sources, or fertilization are disrupted by a cyber threat, it will be catastrophic. We must apply research and technical learnings to illustrate how the agriculture industry can be kept secure.
Read more from DSU: Five Ways to Educate the National Workforce on Cyber Hygiene