Experts mark Stuxnet as the first major cyberattack. It only took a 500kb computer worm to decimate an Iranian nuclear fuel facility. That's less than the size of a selfie on your phone. Unfortunately, things have only gotten worse. Currently, organizations in a wide variety of industries experience hundreds of attacks each week, and recent research indicates ransomware attacks have increased more than 100% over the previous year.
You might think the agriculture industry is safe, but there's a saying in cybersecurity: it's not if they hack it but when. The FBI recently released a warning for the agriculture industry about the dangers of ransomware attacks, specifically during critical times of the year.
Cyberattacks tend to have one of two purposes: to do damage or make money. The ones that do damage tend to be political in nature, such as cyberwarfare. This is a concern to keep in mind as cyberwarfare between the US and its enemies is ramping up.
In most cyberattacks, however, hackers steal sensitive information and sell it to the dark net. When using ransomware, hackers encrypt your data, hold it hostage, and demand payment to decrypt it. If you do not comply promptly, they release your information to the dark net. Ransomware is especially insidious because hackers know how to exploit their targets. They often hold the data hostage when the owner needs it most. That means agriculture ransomware could disrupt a country's food distribution.
Ransomware payments are not cheap. The whole point is to get victims in a desperate situation so they will pay anything. For example, the meat supplier JBS had to pay $11 million in extortion fees. The important thing to understand here is that there is no going back. If you’re attacked with ransomware unprepared, the hacker won't give back your data without payment. You won’t be able to rely on IT support or the government to crack the encryption. The impressive encryption algorithms you use to secure your data can be used against you. Once a hacker encrypts your data with ransomware, it often can’t be decrypted without their assistance.
The FBI cyberattack warning came on the heels of dozens of cyberattacks on agriculture organizations across the US, which tends to happen right before a significant planting season. It’s not difficult to imagine how this could cause severe damage to US food production and distribution.
For example, an attack on a grain producer could have devastating effects. Grain is not just essential for humans to eat. It's the primary source of food for animals, too. Such an attack could cause animals to starve and die. Products could go bad. The setbacks of a ransomware attack could cause prices to soar during a time of great need.
There is a silver lining to this story. Agricultural producers like Ocean Mist are taking control of their data with cybersecurity solutions. The cost of a cyberattack could do considerable damage to a producer, but a few small changes now can prevent the devastating effects of a cyberattack in the future. Producers who are unsure how to proceed should consult with a cybersecurity professional to do risk assessment and planning for the future.
Ransomware hackers prey on the unprepared. A dedicated IT team isn't necessary to prevent ransomware; the simplest steps are often the best. The FBI’s warning includes a few tips for avoiding cyberattacks, particularly ransomware.
We've all been there before. Your computer or phone notifies you that you should update your device, and rather than heed it right away, you swipe away the notification. You might be thinking you'll get to it soon, but that's the wrong mindset. Updates include patches to vulnerabilities. That means every second that you fail to patch your computer, you’re leaving a doorway open for hackers. To protect against ransomware that can shut down a critical industry, you need to install updates ASAP.
Windows computers can schedule your updates later in the day. They can schedule updates for when you're not using the computer, or they can force an update. Making sure to update all office equipment is a small step that pays big dividends. Updates are quick enough that this shouldn't slow your operations.
In the cybersecurity industry, they say you should have at least three backups, only one of which should be in the cloud. Backing up is easy and only takes a few minutes at most. You can use free software like FreeFileSync to automate this process. It's vital that a few of your backups stay offline. Do not make the mistake of leaving your backup hard drive plugged in at all times; if a hacker compromises your device, they can compromise that backup, too.
Cloud storage services are great, but they can't protect against ransomware. The best thing you can do is have air-gapped storage. Even keeping critical files on a flash drive is better than nothing.
Short passwords with phrases and only a few extra characters are very weak. Generate strong passwords with lots of symbols and characters. These are hard for hackers to hack. Consider using a password manager to help you keep track of these complex and diverse passwords.
2-factor authentication (2FA) adds an extra layer of security that hackers cannot easily bypass. Try to avoid 2FA that uses your phone number or email address. If a hacker compromises your phone or email, they also compromise your 2FA. Consider a 2FA app like Google Authenticator.
Hard drives retain data even after you delete it. Forensic tools can recover data from hard drives that no longer function, and solid-state drives (SSDs) are nearly impossible to erase for good. Wiping your old drives in accordance with ITAD standards prevents bad actors from capturing your data even if you dispose of a hard drive.
Cyberattacks are growing all the time, and ransomware could bring your organization to a halt. Preparation can prevent or mitigate the damage. LinkSource provides consulting and solutions to strengthen your defenses and prevent you from becoming a victim of agricultural ransomware. To learn more about how we can support your business, browse our blog, or read our recently published case study on how LinkSource protected Ocean Mist’s assets as their trusted technology advisors.