Smart Farms can also be hacked

Cristina De Luca -

February 21, 2022

Today’s precision farming routinely uses sophisticated technologies such as robots, temperature and humidity sensors, aerial imaging, and GPS technology to improve profitability, efficiency, and safety, and create the opportunity for greener operations. The rapid evolution of Information and Communication Technologies (ICT) has strongly affected the structure and procedures of modern agriculture. Despite the advantages gained from this evolution, there are several emerging security threats that can severely impact the agricultural domain. 

Unfortunately, it’s all too common for businesses of all types to fall victim to a cyberattack, and farms are no different. And while keeping business operations protected and running smoothly is a priority, it’s important to remember that farm businesses play a critical role in putting food on tables. An outage due to a cyberattack can have far-reaching consequences, but there are key steps farms can take to prepare.

In particular, the rapid development and pace of IoT adoption have created not only many technological and market opportunities but also a significant gap and increased security attack surface. In addition, many sensors are susceptible to malfunction, making the possibility of false measurements and commands, capable of compromising production, real. LoRaWAN and Zigbee communications, for example, can be affected by harsh environmental conditions such as temperature, humidity, obstacles, and human presence as well, leading to failures and data loss.

Data falsification, whether intentional or not, can have serious consequences, especially as it can affect decisions made by artificial intelligence algorithms and automation systems leading to the interruption or even destruction of production.

In addition, fake data can lead to dangerous conditions for both agricultural products and the health of humans because it can cause the overuse of fertilizers or pesticides. Rural industries that fail to protect against cyber threats are not only putting themselves at risk; they are also putting the food security of entire populations at risk.

While many research efforts focus on designing solutions for securing network protocols and devices, several challenges still remain, especially with regard to data integrity, service reliability, and the lack of metrics for device security. These challenges are often difficult to deal with effectively due to the diverse range of possible cyber attacks.

Unknown or unprotected vulnerabilities of IoT and cyber-physical devices (as well as other hardware components) can be exploited by professional attackers using specialized tools. Good examples of this type of attack include side-channel and radio-frequency (RF) jamming attacks, which can violate privacy, confidentiality, or authenticity when they target poorly designed IoT and cyber-physical systems.

The risks involved

The main security aspects of smart farms and precision farming are:

  • Privacy is necessary to prevent a user from having unauthorized access to other users’ information. Some attacks can lead to a breach of privacy.
  • Integrity: guarantee that the information is not altered during storage or transmission.
  • Confidentiality: protection of data against unauthorized access.
  • Availability: guarantee of the continuity of the services provided.
  • Non-repudiation prevents users from repudiating what they have done in the system.
  • Trust makes it impossible for a user to spoof another identity.

Each type of attack (graph) can compromise one or more of these aspects.

Threats to data ownership and privacy are usually classified into four categories: 

  • Intentional data theft through smart apps and platforms that do not comply with confidentiality standards; 
  • Stealing internal data from a supply chain stakeholder to harm an agribusiness or farmer; 
  • Unethical selling of data to minimize profits for farmers or harm them; 
  • And access to confidential information and data collected by equipment such as drones, sensors, cameras, in order to use them against farmers or to compromise public safety.

The best way for farmers to determine if they are at risk is to start by analyzing their current IT set up, taking an inventory of all the devices and equipment that enable the farm business to function, auditing each system on their networks to assess the security controls associated with each process and potentially vulnerable points. 

Using IT infrastructure monitoring tools helps verify the health and resource utilization of IT infrastructure components no matter where they reside by gathering availability and resource utilization metrics from physical and virtual entities, including servers, containers, network devices, database instances, hypervisors, and storage. Using this type of infrastructure monitoring, IT organizations can detect operational issues, identify potential security breaches or malicious attacks, and identify new areas of business opportunity.

Any endpoint or application connected to the network is a potential attack vector for a malicious agent wishing to gain access to data. Even hardware devices should be continuously monitored for their health status, especially when a hardware failure could result in unplanned downtime or lost revenue.

Hardware monitoring tools capture data from sensors that can be found in computers and other machines. This can include battery life data, power and charge sensors, current and voltage sensors, etc. 

Network monitoring helps you verify that your organization’s internal network is functioning properly and delivering the expected levels of speed and performance. With IT infrastructure monitoring tools, you can track the throughput and connectivity levels users are experiencing on the network, as well as monitor incoming and outgoing connections. Network monitoring can help your IT organization respond proactively when an unauthorized user attempts to access your network.

Application monitoring is another critical aspect of IT infrastructure monitoring. The software applications deployed on your servers may be used by members of your IT organization or by company customers. In both cases, applications represent a potential attack vector for a malicious actor and a powerful source of operational and business intelligence. With today’s IT infrastructure monitoring tools, organizations can track user behavior on applications to gain operational insights and identify business opportunities.

The more alerts that are created, the more likely it is that an important event will be quickly brought to the attention of farm IT infrastructure administrators. It is possible to list “high priority events” and set up a specific alert that corresponds to each one. Setting alerts with very specific parameters reduces the number of false positives generated by the alert system.

Agricultural IoT applications have unique characteristics that give rise to security issues listed by the authors of a study published by IEEE, who suggest countermeasures to mitigate them.

By the end of this decade, we will need the extra food it produces – with the world population projected to exceed 8.5 billion and more than 840 million people affected by acute hunger. Unless smart agriculture can dramatically increase the efficiency of the global food system, the prospect of reducing global malnutrition and hunger – let alone the ambitious target of zero hunger by 2030 – looks very difficult indeed.