Ensuring your farm is safe and secure from ransomware and cyber attacks is imperative. According to Cybersecurity Ventures, an online cybercrime magazine, the latest prediction of global ransomware damage costs will reach USD$20 billion by 2021, 57X more than in 2015, making ransomware the fastest growing type of cyber crime today.
No industry or sector is exempt from being a target of these vicious attacks. Not even the agricultural sector.
But why the focus on farms and its operations?
When a supply chain is disrupted, there is often production downtime that results in a business losing revenue. The bigger the supply chain, the bigger the production downtime, the more likely the business will pay the ransom to get its operations up and running. Being one of the most profitable sectors globally, agricultural businesses tend to bring in around AUD$80m per week. A supply chain disruption in large-scale agriculture businesses will lead to massive production downtime, and huge financial losses – something this sector would rather avoid, and something cyber criminals are starting to become aware of.
This is evident in the latest attack recently felt by JBS, the world’s biggest meat producer who had to pay USD $11M in ransomware, with Russian-based REvil allegedly claiming responsibility for the attack. The Russian group has confirmed they are planning to target and disrupt the agriculture sector more going forward. With new threats on the horizon, securing your IT networks and protecting yourself from ransomware has never been more important.
Global research and advisory company, Gartner, says that 90% of ransomware attacks are preventable.
It all comes down to how well-equipped your systems and people are when attacks threaten. Do not wait until your vulnerabilities are exposed before you act. Take proactive steps today to ensure your future is secure.
What you can do to stay secure
No matter the size of your farm operations and your budget, one of the best ways to arm yourself against ransomware threats is to train your staff to recognise phishing emails and how to react to them. This is a continuous process because cyber criminals don’t give up and will try again and again to tap into your organisation. Infrastructure aside, people are the key vulnerability when it comes to protecting your business.
91% of cyber attacks are spear-phishing email, which are commonly used to infect organisations with ransomware, says Cybersecurity Ventures.
Dmitry Butko, Cyber Security Lead at Outcomex (parent company of Farmdeck), says: “Security measures have to take your assets and risk appetite in account, but it is also important to understand that you need to secure your low-value assets as they can be used as jump box to higher value assets.” What this means, he explains, is that while your devices may be secure, cyber criminals can still be able to gain access through other ways, such as through your family member’s laptop because they are also connected to the same network and their operating system and software protection may be lacking. You need to ensure that all reasonable measures are taken to protect your business.
“The other important control is ensuring your backups are ongoing and to make sure that you test them frequently – no matter whether you have a single computer, or a significant IT estate,” says Dmitry. Unfortunately, with ransomware attacks, restoring from backups is sometimes the only effective measure – even if you pay ransom, cyber criminals often ‘forget’ to share the decryption key.
A small step in the right direction is to ensure that you have multi-factor authentication. This gives farm operations, no matter their size, a helping hand when it comes to protecting its systems from attacks.
Often, the most overlooked aspect in terms of cyber security on a farm is its investment in IT systems and infrastructure. What could protect you one year ago is no longer sufficient to protect you today. You need to constantly keep upgrading your infrastructure.
For bigger farm operations
For bigger farms, Essential Eight is good to start with, advises Dmitry. The Essential Eight is a set of mitigation strategies to protect organisations from cyber attacks and security threats. The strategies cover prevention, minimisation, and recovery, and they can be customised based on your organisation’s risk profile and level of threat.
The Essential Eight strategies are designed to:
- prevent cyber attacks
- limit impact from cyber attacks
- support data and systems recovery after a breach or natural disaster
As cyber threats continue to rise, by complying with the Essential Eight strategies you can reduce the risk for your organisation and respond to threats with smart cyber security strategies to protect your data.
The Essential 8 Strategies
Mitigation strategies to prevent malware delivery and execution
- Application whitelisting
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
Mitigation strategies to limit the extent of cyber security incidents
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
Mitigation strategies to recover data and system availability
- Daily backups
Smaller farm operations
For smaller farm operations, Dmitry advises following the tips set out in the Small Business Cyber Security Guide, available from the Australian Cyber Security Centre. The guide explains that while you must be aware of phishing scams, they are not limited to just emails. They are increasingly sophisticated and harder to spot, and can come in the form of emails, SMS, social media and instant messaging. The guide points out to be cautious of:
- Requests for money, especially if urgent or overdue
- Bank account changes
- Requests to check or confirm login details
Make sure that you keep your operating systems and software updated, and always backup your business. Setup or turn on your auto-update, especially for your operating system and your anti-virus software. This will ensure that your devices are always kept up to date with the latest online security, protection, and enhanced efficiencies for your device and programs. Don’t forget to switch on auto-backups so that your data and information saves automatically without you having to save it manually. If you use an external backup device, the guide recommends that you safely disconnect and remove your backup storage device after each backup so that it is also not impacted during a cyber incident.
Alternatively, if you are unsure of what to do, or are not sure how to do it, you can speak to us about how we can help you protect yourself.
Let us help you strengthen your infrastructure vulnerability
Our dedicated team of cyber security practitioners focus on excellence in governing, deploying, managing, and monitoring security portfolios, ensuring environments are alert to the latest threat profiles. Our approach to cyber security streamlines our customers’ environments by carefully curating vendor solutions. We ensure they work together and fit into your security estate. This reduces time to respond to cyber security incidents by increasing toolset efficiency, reducing running costs and helping you free resources for prevention, rather than a reactive approach.
Reach out to us today and let us help you strategise on how best to prevent, detect and respond to a ransomware attack.