“Dairy farms, specifically, are among the most technologically advanced sector in the agri-food industry. They see a high adoption rate of many technologies, ranging from remote sensing, remote environmental controls to milking robots to software to managing their day-to-day operations with dairy herd management programs. These are all connected to the internet, and these are all providing opportunities to attackers or providing attack surfaces for the businesses,” says Ali Dehghantanha, founding director of the University of Guelph’s Cyber Science Lab.
Dehghantanha and his team are often called in when farms notice something unusual with their technology or software system. In a lot of these cases, the farms are subjected to a ransomware attack and are expected to pay a ransom to have their system decrypted and regain access to their files.
A lack of awareness and attention to cybersecurity in agriculture also means Dehghantanha connects with producers who have unknowingly been subjected to a cyberattack.
“Most of these farmers do not have the technology or means to understand they have been attacked until the impact has become obvious. There are many cases that, when we are called to go for an investigation, we find that attackers have compromised the business years back, and producers are not aware of their existence in the network,” he explains.
The consequences of this type of attack can vary, Dehghantanha explains. Typically, the attackers exfiltrate the data which they deem important, such as details on how the business is structured and run, along with critical financial information. This is followed by a privacy breach, which is when the attacker looks to sell private or confidential information obtained through the attack. In a ransomware attack, this data is held for ransom by the attacker, who demands payment from the farm in return for their data.
Building layers of defence
Protection begins with a risk assessment. Working in consultation with a cybersecurity expert, Dehghantanha suggests producers evaluate their technology and data to develop a comprehensive understanding of their assets at risk. From there, experts can suggest solutions necessary for security monitoring or adapt the asset architecture in their existing network to separate operational assets from non-operational ones, offering a degree of protection for confidential information.
“There are practical things that we can do to make things safer and more resilient,” shares Janos Botschner, lead investigator of cybersecurity capacity in a Canadian agriculture initiative conducted by the Community Safety Knowledge Alliance, a non-profit dedicated to improving community safety and well-being outcomes. He recommends starting small and starting today to build up “layers” of protection and increase farm resiliency to cybersecurity threats.
“I would like to suggest that people think about cybersecurity as another farm best management practice to protect themselves, just like we think about pest control programs, biosecurity programs and other such things. Incorporate it with what producers already do on a day-to-day basis to make sure that their farm businesses are productive, profitable and doing right for people, for plants, for animals and for the environment,” he implores.
Botschner likens the risk posed by cyber attackers to a stubborn coyote problem. “The bad guys are kind of like a really clever coyote sniffing along the fenceline. They're always looking for an end, and you think you've repelled them, and they come back tomorrow or next week with a new idea. Maybe they're going to try and jump over the fence or go under the fence. You must be on the lookout, and if you don't deal with it very carefully right away, it can come back again and cause bigger problems tomorrow.”
The impact of ransomware and cyberattacks on dairy operations
Canadian producers have already experienced the havoc a cyberattack can cause. “One particular operation had four waves of attacks. There was one attack and [the farm] paid the ransom. Then there was another attack, and they again paid the ransom. There was then a third attack, so they brought in the [cybersecurity] group from University of Guelph,” Botschner details. The university team advised the producer to put in place monitoring and prevention tactics to detect any future attacks, but the farm declined. They were later hit by a fourth attack that “shut down the entire operation,” leading to implications which extended well beyond the farm itself.
With many dairies relying on technology to stay operational and keep cows healthy, a breakdown or disruption to operating software can quickly have major repercussions on cow health and the business’s bottom line. “If you have a cow that's not milked within 24 hours, you have a health situation and an animal welfare situation. If the cow is already experiencing something like mastitis and it isn't milked, things could get much worse; you could have livestock deaths within 48 hours potentially, if it is a serious situation,” Botschner says, citing information recently provided by the Ontario Dairy Research Centre.
Evolving threat from animal rights movement
Dairy-specific cyber threats are evolving. Until recently, most cyberattacks have been initiated by cyber criminals, as in the case of the ransomware attacks described above, but increasingly attacks are being instigated by those within the animal rights movement. These attackers typically act with the intent to disrupt operating activities or to make public demands of the farm business owner. “Gradually, the animal activists are – as they are educating themselves on cyberattack – becoming a major risk that is changing the [cybersecurity] risk landscape,” Dehghantanha says.
As dairy farms continue to rely on technology to enhance efficiency and productivity, the need for robust cybersecurity practices has never been more critical. Just as producers prioritize pest control and biosecurity measures, integrating cybersecurity into daily operations is essential for ensuring the resilience of dairy businesses.
Consultation with an expert and conversations with equipment dealers about protection options available are both key to staying vigilant in addressing cyber threats and ultimately protecting farm livelihoods.
Cybersecurity definitions
Data encryption – Translates data to an alternate form or code which restricts its access to only those with the secret key (known as a decryption key) or passcode.
Ransomware – This is a type of software used by malicious actors (most often criminals) that denies a user access to their data or IT systems until a ransom is paid.
Canadian Centre for Cybersecurity – An agency of the federal government that provides advice, services and support on cyber security to government, critical infrastructure and public and private owners and operators in Canada.
Cybersecurity
- Agriculture and Agri-Food Canada’s “Cyber security and your farming business” resource page available here.
- University of Guelph’s Cyber Science Lab
- Community Safety Knowledge Alliance has created a suite of resources and a publicly available framework (Cyber Barn Raising) with recommendations for improving cyber resiliency in Canadian agriculture.
- EMILI Canada’s Fundamentals of Farm Data program, an open-access online learning module teaching the basic principles of cybersecurity.
