SoylentNews is people
SoylentNews
If hackers wanted to debilitate American society, they would have trouble taking down the entire power grid or financial system, but they could do serious damage to the companies that make and deliver Americans' food.
The US food and agriculture sector lacks the resources, expertise, and government support to protect itself and its products from a rapidly expanding range of cybersecurity threats, according to lawmakers, policy experts, and former government officials. These shortfalls leave gaps that foreign government operatives or cybercriminals could exploit to remotely disable farming equipment, contaminate fertilizer, cripple milk supplies, and kill chickens.
In the past few years, cyberattacks on the meat processing giant JBS Foods and the Iowa farm services firm NEW Cooperative have laid bare the industry's widespread vulnerabilities. And new technologies, including advances in artificial intelligence, are creating previously unimaginable risks, overwhelming a workforce not accustomed to dealing with digital security. Making matters worse, food and agriculture is one of only a few critical infrastructure sectors that doesn't have an information sharing and analysis center, or ISAC, helping companies fight back.
All of these shortcomings make food and agriculture companies a prime target for Russian operatives bent on vengeance for Western sanctions, Chinese spies seeking a competitive advantage for their domestic firms, and ransomware gangs looking for victims that can't afford downtime.
The federal government has recently begun addressing these dangers. Lawmakers are introducing bills and spotlighting the issue at hearings, and a presidential directive has spawned a series of reports and reviews. To the people most informed and worried about the chaos that hackers could cause, these developments are long overdue.
"Agricultural and food security is the foundation of American security," says US congressman August Pfluger, a Texas Republican who has sponsored a bill on the subject. "Without a stable food supply, society stops functioning."
Precision agriculture uses GPS sensors and satellite imagery to determine the right kind of fertilizer for every patch of soil and send instructions directly to tractors that automatically move around and spray the appropriate mixes. If hackers breached these systems, they could poison the crops of every farmer using them. The impact wouldn't be clear until months later, when the crops would begin to grow poorly or fail to grow at all.
Farmers are also vulnerable to more immediate sabotage. The same remote-access technology that enabled John Deere to remotely disable a batch of Ukrainian tractors stolen by Russian forces could let hackers turn off millions of tractors across the United States.
America's meat supply faces huge risks too. Inside the massive industrial facilities where most chickens are raised and slaughtered, the temperature and humidity are precisely controlled by internet-connected computers. With control of this system, hackers could engineer a catastrophe.
"You could lose tens of thousands of birds literally within 10 to 15 minutes," says Marcus Sachs, deputy director for research at Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security. "We've seen this happen before. It's almost like a wave goes through the chicken house, where they all just die."
Just-in-time logistics mean that even short-term cyberattacks can have serious consequences. Hacks that disrupt fertilizer or pesticide production can force farmers to sit out planting seasons. Breaches at meat-packing plants can cause destabilizing supply shortages. Tampering at a food processing firm can lead to deadly contamination. Already, ransomware attacks that have forced companies to shut down operations for a week have left schools without milk, juice, and eggs, according to Sachs.
"A major disruption in this sector leads to immediate public health and safety issues," says Mark Montgomery, who served as executive director of the Cyberspace Solarium Commission.
Despite being increasingly vulnerable, Sachs says, the food and agriculture sector still "doesn't really understand the threat mindset" as well as higher-profile sectors, like financial services and energy, do.
[...] "One vulnerability and attack," Pfluger says, "can lead to catastrophe for everyone downstream."
(Score: 5, Touché) by HiThere on Friday April 07, @08:12PM (3 children)
GPS should not require a connection to the internet. In fact the ONLY IOT things that are appropriately connected to the internet are those that you intend to be monitored/controlled from distant locations, and where you don't care if they are hacked. An "IOT"ish system that operated off of a local server would be a lot more justifiable and secureable.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by JoeMerchant on Friday April 07, @09:45PM (2 children)
>IOT"ish system that operated off of a local server
98% of the value I get from IOT stuff would be improved by keeping it in my local network, ignoring the cloud services. Unfortunately, when you are buying $9 widgets off Amazon you don't get to specify the design / implementation, and nobody is marketing competitive IOTish products that operate on the local network.
Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
(Score: 3, Interesting) by Runaway1956 on Friday April 07, @10:19PM (1 child)
Exactly. For instance, a Ring doorbell sounds kinda cool. I'd like to be able to see who is at the door, without picking my dead arse up off my chair. "Oh, hi Billy, come on in, it's unlocked!" Or, "Come around back, Marsha, we're in the garden!" But I most definitely WILL NOT give Amazon/Google/Apple/whoever access to the imagery or the audio from the doorbell. I've looked at security/surveillance cameras, and ditto. I WILL NOT hook my cameras up to the cloud. Yeah, I've shopped a little bit for such things. Haven't made a decision on anything, but I notice those devices that are not web connected seem to cost more.
Stupid.
Abortion is the number one killed of children in the United States.
(Score: 5, Interesting) by JoeMerchant on Friday April 07, @11:17PM
I have 3 PoE IP cameras that I view through the local network. One had UPnP that put my video on the internet automagically without my knowledge for about a year, nothing I cared about, just video of the yard, but still....
Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end