With farmers using more digitally connected devices that ever before, a warning has been issued that it is a matter of when and not if a cyber attack occurs.
Speaking at the AgSmart Connect event at Tamworth, CISO Online director Iman Tahami said with farmers increasingly adopting technology such as drones, self-driving tractors, sensors and artificial intelligence, cyber safety was crucial.
"Technology comes with risk. You don't need to panic about it but you need to ensure you have the right safety features in place," he said.
"It's not about if you face a cyber attack, it's about when."
Mr Tahami said agriculture industries had increasingly become a target for cyber attacks, which caused serious disruption to rural communities.
He said a number of high-profile incidents highlighted just how great the risk was to the primary production sector.
"JBS, one of the biggest global meat processing giants, faced a cyber attack and unfortunately it was a successful attack and they had to pay $14.2m in Bitcoin," he said.
Mr Tahami said the challenges of holding someone to ransom had changed and when kidnappers used to take people for ransom the greatest challenge was how to collect the money.
"But today, that's the easiest part for them," he said.
"Kidnappers are kidnapping data. Collecting money is the easiest part for them by using cryptocurrency. They ask for Bitcoin, they don't ask for dollars and they don't tell you to transfer money to a bank account.
"I'm not saying Bitcoin is not traceable, but a lot of the time it takes more time and money to actually trace the Bitcoin."
Mr Tahami said another major disruption in the ag sector happened to Lion Dairy and Drinks.
"Just think about it, you go into your office and you see your data is encrypted," he said.
"They encrypt your data and they take a copy of your data. That's what happened to dairy processor Lion Dairy and Drinks."
Hackers provided proof they had stolen confidential copies of the company's files. This led to the forced shutdown of production, which affected customers, suppliers and the whole supply chain.
Another example was a malware attack that shut down Australian and New Zealand wool sales for eight days, through a ransomware attack that encrypted the program needed to buy and sell wool.
Mr Tahami said while these were high-profile incidents, which cost the Australian agriculture sector significantly, limited cyber security investment in the primary production industry meant digital breaches could happen quite easily and often.
He said there was even the potential for hackers to control automated farm operations, putting livestock, produce and infrastructure at risk.
So how do farmers and businesses best protect themselves?
Mr Tahami recommended a range of measures including:
- Protecting your identity through multi-factor authentication
- Updating laptops and mobile devices as soon as updates are available
- Don't automatically click on links and verify by hovering over the links
- Ongoing security testing and vulnerability assessment
- Having an incident response plan
- Security awareness training and simulated phishing attacks
Mr Tahami said invoices also posed a risk, as hackers could copy the invoice and simply change the BSB and account number.
"Focus on three things - identity, emails and data. When we look at the latest cyber attacks and breaches that have happened in the industry, either their identity got compromised, their email, or their data," he said.
"Never trust, always verify. For any sized business, identify, protect and find out your vulnerabilities because if you don't, the hackers will."