Skip to the content

Menu

Cyber resilience increasingly important

What measures against digital intrusion do you take?

Business Tips Operation & maintenance
Cyberweerbaarheid

Digitalisation has become part and parcel of agriculture and horticulture. It makes production more efficient. And with conscious choices, it can also contribute to improved sustainability. The flip side is that the number of farms affected by some form of cybercrime is increasing. How do you make sure you’re ready for this?

What is cybercrime?

Your computer system is attacked or exploited for criminal activities. The goal might be data theft or extortion.

Farms are increasingly dependent on information technology. Downtime or disruption of systems can have major consequences, not only for you but also for your customers or suppliers. Can you keep working without your data? What would be shut down? What measures do you take to reduce the chance of a digital intrusion?

To pay or not?

If your computer is ‘taken hostage’ by a ransomware attack, you are helpless as a business owner. You have to pay a ransom, often in cryptocurrencies, sometimes hourly. What do you do?

  • Do you pay?
    After payment, your computer is released. This often takes several days. Payment does not guarantee that you’ll get your files back. It also makes you vulnerable. The perpetrator knows that you’re willing to pay, and will see you as an easy victim in the future.
  • What if you don’t pay?
    Then all the data are destroyed. It is even possible that cybercriminals take over control of your automation systems. This can seriously disrupt your operations and can result in damage to the crop and production.
  • A good backup is essential
    Have the malware removed immediately and restore a backup of your data. This is only possible if the backup is unconnected to the network, otherwise the backup will also be affected.
The best solution: preventing an attack or detecting it in time.

The options to insure cyber risk are still limited. Furthermore, any insurance will only cover the financial consequences of a digital attack. But your farm might already be shut down, and your customers and suppliers will notice the effects of this. That is why it is wise to consider the direct consequences of a cyberattack on your farm. Prevention is always better.

It starts with a good understanding of your risks.

A good risk assessment will generate many action points. Take a critical look at your digital operational processes, there is often a lot that can be improved there:

  • How susceptible is your IT system to a cyber attack?
  • What could happen in an attack? Could a hacker take control of the automation system or the climate control, feed, drink or lighting equipment?
  • What is the scope of the potential damage?
  • Can you intervene manually if someone takes control of your computer?
  • Can you restore data and control programs quickly?
  • Do you get an alarm?

Engage an expert to help you make a specific risk assessment for your farm.

Take your cyber risk seriously and put an emergency plan in place if something does go wrong.
  • Only use secured equipment and official software.
  • Make sure there is a firewall and an antivirus program.
    A firewall will stop many hackers, viruses, spyware and ransomware. All devices that are directly or indirectly connected to the internet need an up-to-date antivirus program. Protect all your equipment. Cybercriminals can also read data remotely through apps on a smartphone or through a smart wireless printer.
  • Run software updates immediately.
    In this way, you prevent your websites, servers or computers falling into the hands of hackers who use automated tools to scan the internet for security leaks.
  • Discuss cyber risks with your employees and make clear agreements.
    This can for example be about using strong passwords that are changed regularly.
  • Make an emergency plan.
    Make sure you know how to get your data back after an attack. And how you can serve your customers again.
  • Make a daily backup and save this data in a safe environment.
    The best is in a cloud service as well as on an external physical medium. Always have this external medium disconnected from the computer. This prevents infection. Check the backups regularly. Is the data still readable? Can the files still be opened? Are all the programs still present? Bring in an IT specialist if your computer does not behave as usual.
Raise cybersecurity awareness among your staff.
  • Be conscious about authorisations and access rights to business information. Who has access to what part/program/device/room?
  • Determine who is responsible for computer use, and who oversees this.
  • Make sure your employees recognise risks and make clear agreements about what is and is not allowed. For example:
    • Use strong passwords and change them regularly.
    • Only use secured USB sticks, do not leave USB sticks with sensitive information lying around.
    • Always be careful when downloading programs or files. Especially if they are free. When you download manually, you bypass your firewall and antivirus programs.
    • Check whether a website is safe: does the name of the page start with https and is the padlock in the address line closed?
    • Never just click on links in email messages. Pay attention to the sender’s email address, spelling errors, low-resolution logos.
    • Prevent harmful software from spreading: break the connection to the internet or network if you see suspicious processes in your computer.
  • Pay attention to deviations from normal behaviour.
    One of our clients received a bill from a buyer that had been hacked. The hacker had changed the bank account number on the bill. That was quite a loss!

Always file a police report if you have fallen victim to cybercrime. Be aware of the possible consequences and take preventive measures.