Cyber experts warn an attack that threatened to expose non-existent livestock abuse is likely to become more common
A ransomware attack on a small Ontario hog business is something the agriculture industry must pay more attention to, said a cybersecurity expert.
Instead of cash, the attackers demanded the hog business owners publicly admit to what they alleged to be livestock mistreatment.
The occurrence was unique and alarming, said Ali Dehghantanha, Canada Research Chair in Cybersecurity and Threat Intelligence at the University of Guelph’s Cyber Science Laboratory.
The lab offers a for-fee support service for those managing cyberattacks and cybersecurity.
While the number of cybersecurity incidents across Ontario’s agriculture industry has been rapidly increasing, he said the cashless ransomware attack against the family hog business — an incident he and his colleagues helped the family resolve — highlights what could become a wider trend.
Read Also
Alberta crop diversification centres receive funding
$5.2 million of provincial funding pumped into crop diversity research centres
Ransomware and other criminal cyber activities usually come with demands for payment. Activists and others who might be hostile to certain farming practices pose another potential threat.
According to Dehghantanha, the attack perpetrators claimed to have incriminating evidence showing animal abuse on the farm. It included camera footage taken from what the perpetrators claimed was a compromised farm surveillance system. The attacker’s prerequisite for releasing their hold on the farm’s network was a public statement from the business owners admitting to animal abuse.
In Dehghantanha’s view, this would have been financially devastating for the business.
No such footage existed, however, and claims of compromised cameras were false. Barring the demand for self-incrimination, the attack proved to be a standard, easily manageable ransomware attack.
“This was the first time working in this specific industry we have seen ransomware not asking for money. That would make our job much more difficult as we are dealing with adversaries whose motivation is not money,” Dehghantanha said. He added the transfer of cash is often the riskiest part for those committing ransomware attacks because the movement of funds can be tracked.
“Prior to this we were not concerned with these small family food businesses…. There was not a playbook for these kinds of situations.”
Dehghantanha said his lab has been engaged with 20 cybersecurity issues reported from southern Ontario in the first half of 2023, up from a handful in all of 2019. Awareness of cyber risk has likely played a role in higher reporting, but it’s also getting easier for bad actors to acquire harmful attack tools like ransomware.
Simultaneously, the agriculture and food sectors are underprepared for such threats. Dehghantanha said agriculture and food lags other sectors are notably energy and health, by about five years when it comes online security.
He suggested establishing a committee or another body of industry representatives, technology experts and others to design cybersecurity standards “rooted in the reality of the industry.
“We must identify steps for farmers and businesses that can be gradually achieved to get to the same level. This has happened in energy and health sector so there’s no reason it can’t happen in agriculture sector,” said Dehghantanha.
Stakeholders in the agriculture sector, such as Ontario Pork, said they are raising awareness about the growing need for better cybersecurity. In an email statement received July 12, Ken Ovington, general manager for Ontario Pork, stated the group “routinely meets with cybersecurity experts and researchers to gather knowledge that can create awareness and provide informational tools that are valuable to pork producers and the provincial pork industry.
“These types of cyberattacks are undeniably on the rise. As technology usage increases, so does the methods and sophistication of cyber criminals, so it’s crucial that producers, agricultural organizations and government continue to prioritize cybersecurity measures, stay vigilant and collaborate to prevent future cyberattacks,” said Ovington.
Strategies used to prevent issues within the organization itself were listed as well, including cybersecurity training for employees. No comment on specific incidents, such as the ransomware attack on the family hog operation, was provided.
Dehghantanha encourages greater proactivity.
Establishing standards will help the agriculture sector improve overall security and, potentially, bring spin-off benefits like lower insurance rates, but he also stressed individuals and organizations must pay attention to the threats posed by hackers focused on industry disruption over money.
“We don’t need to wait for a standard to work on awareness. If you have livestock, you could be on a target list.”
