American agriculture remains vulnerable to cyberattacks; some experts see 'previously unimaginable risks'

Unlike industries such as banking, U.S. agriculture is vulnerable to digital attacks due to a lack of internal support -- and attitudes that prevent information sharing and analysis that could fend off hackers, reports Eric Geller for Wired magazine. "In the past few years, cyberattacks on the meat processing giant JBS Foods and the Iowa farm services firm NEW Cooperative have laid bare the industry's widespread vulnerabilities. . . . . New technologies, including advances in artificial intelligence, are creating previously unimaginable risks, overwhelming a workforce not accustomed to dealing with digital security. . . . food and agriculture is one of only a few critical infrastructure sectors that doesn't have an Information Sharing and Analysis Center, or ISAC, helping companies fight back."

Work at a meatpacking plant Getty Images photo via Wired

Geller notes that U.S. agriculture is filled with protection shortfalls that attract hackers, and "Farmers are also vulnerable to more immediate sabotage. The same remote-access technology that enabled John Deere to remotely disable a batch of Ukrainian tractors stolen by Russian forces could let hackers turn off millions of tractors across the U.S. . . . Inside the massive industrial facilities where most chickens are raised and slaughtered, the temperature and humidity are precisely controlled by internet-connected computers. With control of this system, hackers could engineer a catastrophe."

Geller reports, "Today, food and agriculture is one of four critical infrastructure sectors (out of 16) without an ISAC, along with dams, government facilities, and nuclear reactors and materials. . . .Despite being increasingly vulnerable, Marcus Sachs, director at Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security, says the food and agriculture sector still 'doesn't really understand the threat mindset' as well as higher-profile sectors, like financial services and energy, do. . . . the Department of Agriculture has shown 'very little interest' in cybersecurity, says Sachs, who has tried to prod officials into action."

U.S. Rep. August Pfluger, R-Texas, told Geller, "Agricultural and food security is the foundation of American security. . . . Plenty of folks I've spoken with think there needs to be a dedicated ISAC. . . . Without a stable food supply, society stops functioning." Still, the sector needs to have multiple supports added for protection. Geller reports, "Pfluger's bill, the Food and Agriculture Industry Cybersecurity Support Act, would create new federal resources for companies, require improved coordination between government and industry, and launch a Government Accountability Office review of the sector's situation, including whether an ISAC is necessary."

Meanwhile, "Experts say the government could better use its existing programs to help," Geller writes. "Sachs and his colleagues are even considering helping a coalition of land-grant universities launch an ISAC that would both facilitate information sharing and prepare students to enter the food and agriculture workforce with key cyber skills. . . .Whether or not the sector forms an ISAC, there's widespread agreement that more must be done to counter the growing array of threats endangering these companies and the hundreds of millions of people who rely on them for basic sustenance."