Food Security as a Geopolitical Weapon
"They've just become so common. Every week, I would say, we are getting contacted by farmers or food companies. It's one of the soft bellies of our critical infrastructure.""I think we are all waiting for disaster."Ali Dahghantanha, Cyber Science Lab, University of Guelph, Ontario
"These are all systems that we explicitly depend on every single day, and they have become extremely vulnerable to manipulation of all sorts.""They're vulnerable because we haven't thought carefully about the security of how we set these systems up.""I mean, it's truly terrifying, to be honest."Even Fraser, director, Arrell Food Institute, University of Guelph"The interruption of the global food supply is not collateral damage from the war in Ukraine.""It is a planned hybrid weapon to further massively destabilize the global economy and political order."Yulia Klymenko, Ukrainian MP, first deputy chair, Transport and Infrastructure Committee, Ukraine"There is a lot of innovation happening in agriculture in Canada.""So we are at risk from foreign-backed espionage."Mohamad Yaghi, Agriculture and Climate policy lead, Royal Bank of Canada
Photo by Chung Sun-Jun/Getty Images |
Last
year Ali Dehghantanha's squad of engineers and computer scientists
responded to dozens of reports from southwestern Ontario of hacks within
farming and food production operations. Sometimes the incidents
represent a bad link in an email with hackers demanding money to unlock a
system or to return the farmer's data. In other instances hackers break
into a farm system and threaten to kill livestock; chickens, cattle.
In a third of the cases, investigators found evidence of state-sponsored hackers originating in
Russia, China, North Korea and Iran who have quietly gained access to control systems inside a farming operation. The University of Guelph is located close to Toronto in one of the province's most vital farming hubs. A group of specialists work out of the Cyber Science Lab, visiting banks, defence contractors, hospitals and farms. The lab received fifty calls from the food industry last year.
Russia, China, North Korea and Iran who have quietly gained access to control systems inside a farming operation. The University of Guelph is located close to Toronto in one of the province's most vital farming hubs. A group of specialists work out of the Cyber Science Lab, visiting banks, defence contractors, hospitals and farms. The lab received fifty calls from the food industry last year.
The
realization dawned that the domestic food production system may be one
of the most obvious cracks in Canada's national defences. Criminals or
state-sponsored hackers breaking into systems to disrupt critical
infrastructure like transportation or health care or food production
only recently become plausible owing in part to Russia's invasion of
Ukraine.
Canada's
Communications Security Establishment (CSE) the country's signals
intelligence agency, warned that Russian-backed hackers are "exploring options for potential counterattacks" on critical infrastructure in Canada and other NATO allies supporting Ukraine.
A computer monitor is seen inside a GPS-equipped John Deere tractor. As farm use of technology and smart devices grows, experts say more needs to be done to protect against cyberattacks that could threaten food security. (Seth Perlman/The Associated Press) |
Farms
have become complex technical operations using networks of remote
monitors measuring soil moisture, or robotic milkers capable of
detecting an infection in a single teat, or environmental control
systems maintaining the precise indoor temperature and air filtration
requirements of a poultry barn. All of which in theory could be
commandeered and held for ransom by a hacker. The U.S. Department of
Homeland Security identified several "hypothetical threat scenarios" in its 2018 report where hackers could compromise agricultural operations.
One scenario had a terrorist lift data on the health of a large livestock herd. "They modify the data to look like the herds have foot and mouth disease, and dump the data on the internet".
In such an instance it could take weeks for lab tests to confirm the
outbreak was in fact false -- in the interim causing trade issues and
shaking public trust in the food supply. Another scenario had hackers
manipulate moisture sensors in a farmer's soil, triggering watering
systems to flood the fields and destroy crops.
In
its invasion of Ukraine an effective part of the Russian playbook has
been attacking agricultural infrastructure. EU trade counsellor Maud
Labat warned that Moscow strategized how to wield food as a "geopolitical weapon".
Its attacks on transportation and grain storage infrastructure, its
months-long blockade of ports on the Black Sea choked off access to one
of the world's most important bread baskets, driving up global grain
prices last spring. Food shortage concerns intensified in developing
nations depending on the region for imports.
National
Cyber Threat Assessment's latest report stated state-sponsored hackers
are not likely to disrupt or destroy critical infrastructure unless
Canada enters into direct hostilioties, leaving hackers more likely to
break into Canadian systems to collect information or "pre-position" in
the event of a future conflict. Released last fall, the CSE report
stated adversaries could use cyberattacks as a form of "power projection and intimidation".
"In
the absence of a significant escalation in international hostilities,
we assess it is unlikely that state-sponsored actors will intentionally
seek to disrupt Canadian critical infrastructure and cause major damage
or loss of life", advised CSE spokesperson Kyla Borden. "This is organized crime. These folks have HR departments. They have employees of the month awards. This is big business",
explained John Hewie, a national security officer at Microsoft Inc.,
referring to sophisticated networks focusing on "big-game hunting" --
attacks where a hacker takes control of a system or data from a major
business and asks for a steep ransom.
In
fact, the Canadian food industry alone experienced a series of
high-profile incidents late last year, a "cybersecurity incident" at
Maple Leaf Foods Inc., one of Canada's largest meat packers. Empire
Co.Ltd., Canada's second-largest grocery chain experienced a
"cybersecurity intrusion" that snarled operations, expected to cost the
company $25 million. According to Janos Botschner, lead investigator of
the Cyber Security Capacity in Canadian Agriculture, approximately four
to 11 percent of Canada's farms have had a cyberattack attempt on their
operations. "This is very much an estimate, but it's probably also an under-report", he clarified.
Labels: Agriculture, Cyber Threats, Cyber-Security, Food Distribution, Food Production, Foreign Cyber Actors
0 Comments:
Post a Comment
<< Home