Cyber security: How farmers can stay safe from common cyberattacks

Farmers are being urged by industry experts to strengthen their cybersecurity and protect against online attacks.¹

The warning for everyone comes during Cyber Security Awareness Month when, every October, leaders across all sectors are encouraged to talk to their staff and customers about staying safe online.

In the past 12 months, 39% of UK businesses identified a cyberattack, according to The Cyber Security Breaches Survey 2022.²

Within the group reporting cyberattacks, 31% of businesses estimated they were attacked at least once a week.²

From hacking smart farm machinery used to plant and harvest crops to stealing passwords, money and data, there are many ways farmers can fall victim.

Here we look at how to reduce the cyber risks to your farm.

Common attacks

Phishing attempts - This was the most common threat vector, reported by 83% of businesses.² Criminals can trick farmers into sharing information and data such as passwords or bank details.³

Remember the Rural Payments Agency and your bank will never ask for personal information in an email or text.

• Hacking - Farms of all sizes can have their computer systems and smart machinery hacked. Criminals can cause disruption to farms using agricultural artificial intelligence (AI), such as by shutting down sprayers, autonomous drones, or robotic harvesters, a report by the University of Cambridge warned.⁴
• Malicious software - Criminals could shut your farm down and hold farmers to ransom. With agriculture becoming digitised, ransomware attacks are a real risk and this is why insurance is so important. Last year, meat company JBS paid $11m in ransom to resolve a major cyberattack.⁵

Cybersecurity in farming

Thanks to new technology, farmers are using AI to help plant, fertilise and harvest crops.

While going digital helps make farms more efficient and productive (think self-driving tractors and combine harvesters controlled via smartphones), it also leaves farmers and their machinery vulnerable to hackers.⁴

Hackers could exploit flaws in hardware, leaving the global food supply chains exposed to risk.

Would you be prepared if the agricultural robots in your field were hacked?

Stay safe online

It is important to protect all digital aspects of your farm business. You should:

• Update devices and back up data.
• Train your team to be vigilant and have a plan in place should anything go wrong. Marsh Commercial can help arrange cyber liability insurance.⁶
• Stop viruses, spyware, malware and ransomware with antivirus software on your equipment.
• Set up strong passwords for each online account. Try to combine three random words. Stay clear of pets’ names and place of birth, which criminals can find on your social media accounts. Do not store passwords with your device.
• Look at the privacy settings of your social media accounts. Consider who can view your information.

Use two-factor authentication

The free security feature, also known as 2FA, provides an additional layer of protection to your farming business.

For example, it will help prove it is you logging into your online bank accounts by sending a code by text or email.⁷

Avoid being tricked by deepfakes

Deepfakes use a form of AI to create convincing fake images, videos, and audio, sometimes to entertain.⁸

However, they can also be used by savvy criminals to mislead, steal identities, ruin reputations and for financial gain. Criminals could pretend to be a customer or a legitimate company. They could imitate you to your customers or employees, or impersonate your boss asking you to transfer money to a supplier.

Train your staff on dealing with deepfakes and why they should be concerned about being fooled.

Are you expecting a call from this person? If not, contact them directly via the contact details you already have.

Report internet scams and phishing

Report any suspicious emails, websites, phone calls, numbers or texts.

Never give out private information such as passwords or bank details. Don’t reply to scam texts or click on email links that may not be genuine.⁹

Forward emails to report@phishing.gov.uk or texts to 7726 for free.

If you suspect fraud

Contact Action Fraud on 0300 123 2040 or visit www.actionfraud.police.uk.

The Rural Payments Agency offers guidance for anyone worried about fraud related to your Rural Payment. Go to www.gov.uk/guidance/rpa-fraud-information.

For more on staying safe online, visit Cyber Aware, Get Safe Online or the National Cyber Security Centre.

Sources

1. farminguk.com/farmers-urged-to-fight-against-latest-cybercrime-trends_58492.html 
2. gov.uk/government/cyber-security-breaches-survey-2022
3. marshcommercial.co.uk/how-to-protect-your-business-from-phishing-scams
4. cam.ac.uk/risks-of-using-ai-to-grow-our-food-are-substantial-and-must-not-be-ignored-warn-researchers
5. eandt.theiet.org/agricultural-sector-at-risk-of-cyber-attacks-researchers-warn/
6. marshcommercial.co.uk/cyber-risks
7. getsafeonline.org/two-factor-authentication/
8. marshcommercial.co.uk/avoid-being-tricked-by-deepfake
9. gov.uk/report-suspicious-emails-websites-phishing

Additional sources: 

• getsafeonline.org/
• actionfraud.police.uk
• gov.uk/guidance/rpa-fraud-information
• ncsc.gov.uk/section/information-for/small-medium-sized-organisations
• bbc.co.uk/news/science-environment-61336659