Tag Archive for: Agriculture

Remote bricking of Ukrainian tractors raises agriculture security concerns

/in


Against the backdrop of horrific reports from Russia’s Ukraine invasion, an encouraging story emerged earlier this month when unidentified Ukrainians remotely disabled tractors worth $5 million that Russian soldiers in the occupied city of Melitopol stole from Agrotek-Invest, an authorized John Deere dealer. The soldiers stole 27 pieces of farm machinery and shipped them primarily to Chechnya, 700 miles away, only to discover they had been rendered inoperable due to a “kill switch.”

The dealership tracked the machinery using the tractors’ embedded GPS technology. Although the equipment was reportedly languishing at a farm near Grozny on May 1, one source said the Russians had found consultants who would try to bypass the digital protection that bricked the machines.

Some observers fear that malicious actors could exploit the same technology Deere and other manufacturers use to update and monitor farm equipment. If successfully accomplished on a large-enough scale, a cyberattack could disrupt significant portions of what has become critical agricultural infrastructure.

Modern tractors are intelligent machines

Farm equipment, including machines made by industry titan John Deere, evolved starting in the 1980s from old-fashioned analog tractors, combines, and so forth into digitally connected intelligent devices that produce treasure troves of agricultural data. For example, modern tractors became equipped with “torque sensors on the wheels that measured soil density, humidity sensors on the undercarriages that measured soil moisture, and location sensors on the roof that plotted density and moisture on a centimeter-accurate grid.”

What enabled the kill switching by the Ukrainian dealership is something that initially began in the auto industry called vehicle identification number locking or VIN-locking. VIN-locking enables only authorized technicians to enter special codes to work on a machine’s internal network. Deere’s use of VIN-locking became infamous when the tractor maker decided to deny farmers access to the computer software running their machines so they could make repairs. The company argued that farmers had no right to access their proprietary…

Source…

Ransomware strike targets US agriculture industry, White House quietly hits back

/in


The White House meets with Big Tech companies amid cyberattacks on U.S. companies. FOX Business’ Ed Lawrence with more.

An industry marked as “off limits” to Russian hackers by President Biden was hit in a ransomware attack earlier this week when the operations of two farming co-ops in Iowa and Minnesota were disrupted.

In a June meeting with Russian President Vladimir Putin, Biden warned the Kremlin that cyberattacks against 16 U.S. industries – including agriculture – would not be tolerated.

The president said it was an effort to establish a “cybersecurity arrangement” and restore “order” after the largest U.S. fuel pipeline and a major meatpacking company were shut down by ransomware schemes.

$5.9M RANSOMWARE ATTACK ON MAJOR AGRICULTURE GROUP POSES RISK TO US GRAIN, PORK, CHICKEN SUPPLY

On Sunday, Minnesota-based farm supply and grain marketing cooperative Crystal Valley was hit by a ransomware attack that “infected the computer system” and “severely interrupted the daily operations of the company,” the group said in a statement.

The co-op did not answer Fox News questions about the ransom amount or who is suspected behind the latest attack.

But the following day reports surfaced showing another attack was levied at Iowa-based farming co-op, NEW Cooperative, by hackers demanding a $5.9 million cryptocurrency payout in exchange for renewed access to its food supply chains.

NEW Cooperative did not respond to a Fox News request for an interview. But according to the Wall Street Journal, Russian cybercrime group BlackMatter is believed to be behind the attack.

In a screen shot by Dark Feed, the group appeared to mock NEW Cooperative by suggesting they did not fall under “critical” infrastructure outlined by Biden.

The farming group warned the cybercrime group in an online chat that they attacked the agricultural industry and could face severe consequences from the U.S. government, Recorded Future shared in a tweet.

Despite reports that BlackMatter was negotiating with the Iowa co-op, a National Security Council (NSC) spokesperson told Fox News that the U.S. government has not formally attributed the attacks to a specific group.

“That being said, we are bringing the full weight…

Source…

Major agriculture group New Cooperative hit by ransomware attack

/in


Agriculture group New Cooperative group was hit by a ransomware attack over the weekend, potentially endangering operations of a company key to the agricultural supply chain.

A spokesperson for New Cooperative confirmed the attack to The Hill on Monday, noting in a statement that the company “recently identified a cybersecurity incident that is impacting some of our company’s devices and systems.”

“Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained,” the spokesperson said. “We also quickly notified law enforcement and are working closely with data security experts to investigate and remediate the situation.”

Iowa-based New Cooperative is among the larger U.S. farm cooperatives, and according to Bloomberg News received a ransom demand of $5.9 million from cybercriminal group BlackMatter. 

“Please know that NEW Cooperative is treating this matter with the utmost seriousness, and we are using every available tool and resource to quickly restore our systems,” the company spokesperson told The Hill. “We appreciate the patience of our valued customers as we investigate this matter and work to restore functionality and will share additional information directly with our customers as we learn it.”

In what are thought to be screenshots of a negotiation between a spokesperson for New Cooperative and the hackers tweeted out by security researchers, New Cooperative noted that 40 percent of the nation’s grain production runs through its software, and that the ransomware attack would “break the supply chain very shortly” if the hackers did not relent. 

A spokesperson for the Cybersecurity and Infrastructure Security Agency (CISA), the key federal agency tasked with securing critical U.S. infrastructure, declined to comment in favor of comments from New Cooperative. 

Allan Liska, a senior intelligence analyst at cybersecurity group Recorded Future, was among security professionals tracking the ransomware attack Monday, telling The Hill that it was still unclear how far-reaching the attack might be. 

“New Coop is the 51st largest farm cooperative in the US, so there may be regional…

Source…

Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk

/in


The agricultural equipment industry has long considered itself immune from cyber attacks. After all: farm equipment wasn’t Internet-connected and the software and protocols that it used were obscure. Besides: farms- and farm equipment held little in the way of sensitive personal or financial data that cybercriminals could easily monetize. 

But a lot has changed in the agriculture sector in the last decade. And farm country’s cybersecurity bill has come due…in a big way. A presentation at the annual DEF CON hacking conference in Las Vegas, scheduled for Sunday, will describe a host of serious, remotely exploitable holes in software and services by U.S. agricultural equipment giants John Deere and Case-IH. Together, the security flaws and misconfigurations could have given nation-state hackers access to- and control over Deere’s global product infrastructure, access to sensitive customer and third party data and, potentially, the ability to remotely access critical farm equipment like planters and harvesters that are the lynchpin of the U.S. food chain. 

Opinion: my Grandfather’s John Deere would support our Right to Repair

A video of the presentation, “The Agricultural Data Arms Race Exploiting a Tractor Load of Vulns,” was posted on YouTube by conference organizers on Thursday. It is the most detailed presentation, to date, of a range of flaws in Deere software and services that were first identified and disclosed to the company in April. The disclosure of two of those flaws in the company’s public-facing web applications set off a scramble by Deere and other agricultural equipment makers to patch the flaws, unveil a bug bounty program and to hire cyber security and embedded device security talent. 

Sick Codes (@SickCodes), an independent security researcher who declines to use his real name in public statements, worked with researchers from the group Sakura Samurai including wabaf3t; D0rkerDevil; ChiefCoolArrow; John Jackson; Robert Willis; and Higinio “w0rmer” Ochoa. Together, the group uncovered 11 other flaws in Deere software and applications and  that the group shared with the company as well as CISA, the Cybersecurity…

Source…