The UK’s National Cyber Security Center (NCSC) has issued its first-ever guidance for farmers to help protect their industry from malware and ransomware.
With an eye on the future of agriculture and tech, the NCSC has published guidance to help the farming sector respond to the same threats many other organizations face. NCSC notes key systems in use in the sector include email, online account tools, online payment systems as well as internet-connected farming equipment that could come under a cyberattack.
“Whilst we can’t guarantee that you’ll be protected from all forms of cyberattack, following this advice will significantly increase the protections you have from the most common cyber crimes,” NCSC notes. It said their official statistics show a rise in reports of cyberattacks against the farming community.
SEE: Network security policy (TechRepublic Premium)
The new guidance was developed alongside the National Farmers’ Union (NFU), which is urging farmers to review the document.
“Rural crime is a huge issue for farm businesses and we rightly look to protect our farm buildings, machinery and our livestock. However, we all live and work in a digital world and we must be conscious of the threats this can bring to our businesses,” said Stuart Roberts, NFU deputy president.
The guidance asks the agricultural sector to consider all aspects of their business that networked technology touches today, from automated machinery to security cameras and smartphones — basically every piece of technology that helps farmers go about their business.
NCSC’s first piece of advice is to patch and update devices and software, including Windows, macOS, iOS and Android. It advises farmers to, where possible, set the operating system to install updates automatically and offers a reminder that older versions of an OS, such as Windows 7, will eventually no longer receive security updates.
The second piece of advice is to make regular backups so that, for example, a ransomware attack does not cause the loss of emails, invoices, contacts, orders and quotes.
NCSC also recommends password-protecting each computing device and to use encryption like BitLocker on Windows or FileVault on macOS to protect data.
The document outlines the risks that farmers face from a ransomware attack, which include making a device unusable, immobilizing farm vehicles, data loss, interference with automated systems, and leaking confidential farm data.
The guidance also recommends enabling antivirus and switching on the firewall to separate the local network from the internet.
Other handy but oft-forgotten tips include to change all default passwords for devices, such as the internet router, and to choose strong passwords.
“Combine three random words to make a short, memorable phrase,” NCSC advises.
SEE: How do we stop cyber weapons from getting out of control?
It adds that farmers should pick a different password for each online account, especially for their primary email account.
“If criminals are able to access and control your email, they may be able to reset passwords and gain control of your other accounts,” it notes.
NCSC notes that if farmers do write down their passwords, they should store them securely, away from their device. It also urges farmers to use a password manager and not to use weak passwords. Specifically, it advises against using family name, a pet’s name, a place of birth, a favorite holiday, details related to a favorite sports team, and words like “password”, and “qwerty”.
Finally, it recommends farmers enable two-factor authentication (2FA) for their online accounts.
“It means that even if a criminal knows your password, they won’t be able to access your accounts. So, if you are given the option to turn on 2FA, you should do it,” NCSC says.