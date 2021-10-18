What do cyber hackers and Midwest grain farmers have in common? An interest in agricultural cooperatives.
Farmers depend on their local cooperative as a valuable partner – especially during harvest season – while hackers see cooperatives as a prime target for ransomware and cyber intrusions with the intention of financial gain.
Two Midwest agricultural cooperatives recently were victims of cyber breaches that hobbled their operations. In one case the attack involved a nearly $6-million-dollar-ransom demand from the hackers.
The threat has become so prevalent that, in early September, the FBI issued a private industry notification about cyber threats and ransomware focused on the food and agribusiness sectors.
The notice stated, “Ransomware may impact businesses across the sector – from small farms to large producers, processors and manufacturers, and markets and restaurants. Cyber criminal-threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that’s increasingly reliant on smart technologies, industrial-control systems, and internet-based automation systems.”
So what can agribusinesses do to protect their operations? According to Emily Selck, director of cyber liability for M3 Insurance, there are best practices that can minimize the risk to any size operation.
- Create a robust employee-training program
- Install multifactor authentication
- Disable unused, remote-access ports
Create a robust employee-training program
Employees are often the weakest link in any cybersecurity program. Email is one of the most vulnerable access points.
According to the FBI’s Internet Cyber Crimes report, business email compromise and phishing scams were some of the costliest and most reported crimes in the past year. Phishing is a type of scam where criminals impersonate legitimate organizations via email or text message.
According to the FBI, “business email compromise is frequently carried out when a subject compromises legitimate business-email accounts through social engineering or computer-intrusion techniques to conduct unauthorized transfers of funds.”
It’s critical that agribusinesses create a robust training program that helps employees spot malicious emails and phishing scams. The FBI provides tips that can be reinforced through an employee-training program.
- Carefully examine the email address, URL and spelling used in any correspondence. Scammers use slight differences to trick one’s eye and gains one’s trust.
- Be careful what you download. Never open an email attachment from someone you don’t know and be wary of email attachments forwarded to you.
An employee-training program should include tips on developing strong passwords that are complex and not duplicates of passwords used elsewhere.
Install multifactor authentication
Multifactor authentication is a means of providing access with two pieces of evidence to confirm one’s identity. It can come in a few different forms – something you know, something you have or something you are. Presenting a debit card and personal identification number at an automatic teller machine is one example.
Logging into your network may require you to verify that you’re logging in on an authenticator app on your phone through a push notification or password. That security measure goes beyond strong passwords and affords those logging in additional protection of their data or financial assets.
If passwords become compromised, criminals are able to access the systems using automated cyber attempts. Simply put business-email compromise has become easier than ever.
Executives consider cyber risk one of their greatest concerns. The idea of access to critical information could cause a crisis of massive proportion as seen in the agricultural cooperatives that were recently breached. Business-email compromise can create a host of issues when there’s access to email systems belonging to finance or executives. A simple addition of multifactor authorization can prevent attacks stemming from stolen passwords. It’s also easy to implement across an organization.
Disable unused, remote-access ports
Remote desktop protocol is a means of accessing one computer from another. The means of access is called a port, the main portal for all access of information over the internet. Web browsers, web pages and file transfer services all use specific ports to receive and transmit information. Some operating systems have a certain number of default ports that are open, and certain types of software use specific ports.
If improperly secured, open ports can create a host of issues. The ports can be publicly accessed using a simple scan, leading to the download of ransomware or other forms of malware. Requiring strong passwords and multifactor authentication for access to open ports such as virtual private networks can prevent access when ports must remain open. That impacted many companies when the transition was made to a remote workforce due to the pandemic. Other common scenarios can include cleaning of log files – hiding malicious activity – as well as disabling of backups, and exfiltration of data.
Operations looking for tips and resources for implementing a cybersecurity program have a variety or resources such as their insurance broker or agent, government cybersecurity offices. or the National Institute of Standards and Technology.
While it may not seem easy to implement a cybersecurity program, it’s much easier – and less costly – than trying to recover from a malicious cyberattack. The adage – an ounce of prevention is worth a pound of cure – couldn’t be truer. Visit m3ins.com for more information.