Agricultural sector at risk of cyber attacks, study warns
Image credit: Foto 97585267 © Dusan Kostic | Dreamstime.com
Modern 'smart' farm machinery is vulnerable to malicious hackers, leaving global supply chains exposed to risk, researchers have warned.
Since the industrial revolution, technological development has been linked to an improvement of agricultural techniques, resulting in an increase in the global food supply. Now, the idea of farms being run by robots and smart machinery is closer than ever. However, that progress could be hampered by the actions of hackers.
A new risk analysis done by the University of Cambridge, published in Nature Machine Intelligence, warns that the future use of artificial intelligence in agriculture comes with substantial potential risks for farms, farmers and food security that are at present poorly understood and underappreciated.
“The idea of intelligent machines running farms is not science fiction,” said Dr Asaf Tzachor, a researcher behind the study, “but so far no one seems to have asked the question: ‘Are there any risks associated with a rapid deployment of agricultural AI?’”
The paper suggests that hackers could exploit flaws in agricultural hardware used to plant and harvest crops, such as automatic crop sprayers, drones and robotic harvesters. This fear is further heightened by the warnings of the UK government and the FBI regarding a growing threat of cyber attacks in the past year, as well as the possibility that Russian state-sponsored hackers would target supply chains as a vital part of Western national infrastructure.
Some of these threats have already materialised. Last year, JBS, one of the world's biggest meat processing companies, paid $11m (around £9m) in ransom to resolve a cyber attack, while earlier this month top US agriculture firm AGCO was hit by a ransomware attack that affected production.
“There is a real risk that people anywhere in the world could try and take control of these machines to get them to do whatever those people want, or just prevent them from operating," said Chris Chavasse, co-founder of agricultural firm Muddy Machines.
The Cambridge researchers have come up with a catalogue of risks that must be considered in the responsible development of smart agriculture, as well as ways to address them. To guard against attackers poisoning datasets or shutting down sprayers, autonomous drones and robotic harvesters, the team suggests that ‘white hat hackers’ help companies uncover any security failings during the development phase, so that systems can be safeguarded against real hackers.
One such hacker is an individual known by the alias 'Sick Codes', who recently revealed to the BBC that he had discovered weaknesses in the software of agricultural manufacturer John Deere, which he had reported. He said he found a way to access company information and machine data through websites and apps.
James Johnson, John Deere's global chief information security officer, said those found so far by Sick Codes did "not pose a threat to customers or their machines".
"No company, including John Deere, is immune to vulnerabilities, but we are deeply committed and work tirelessly to safeguard our customers and the role they play in the global food supply chain," Johnson added.
Advanced machinery, such as drones and sensors, are already used in agriculture to gather information on crops and to support farmers’ decision-making by detecting diseases or insufficient irrigation, for example. Such automated systems aim to make farming more efficient, saving labour costs, optimising production, and minimising loss and waste.
With an estimated two billion people afflicted by food insecurity, artificial intelligence technologies and precision agriculture promise substantial benefits for food and nutritional security in the face of climate change and a growing global population. To realise this vision, farmers and technology firms must protect farming equipment from threats.
“AI is being hailed as the way to revolutionise agriculture," said Dr Seán ÓhÉigeartaigh, co-author of the research. "As we deploy this technology on a large scale, we should closely consider potential risks and aim to mitigate those early on in the technology design.”
After all, hacking one tractor can upset the farmer and potentially harm their individual profitability for a season. Hacking into a fleet of tractors could provide a bad actor with the power to affect the crop yield in vast areas of a country.
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.