Farm Machinery at Risk | Putin Bolstering Russia’s IT Security | Ransomware Groups Leveraging Old Vulnerabilities
Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group
Farm Machinery at Risk
Multiple news outlets this week have been reporting how it is feared that modern “smart” farming machinery is now at risk. Experts are worried that smart farming machinery is vulnerable to hackers, which would leave global supply chains exposed.
It is feared, according to experts, that hackers could exploit flaws in agricultural hardware which is used to both plant and harvest crops. This comes as agricultural giant John Deere announces that they are now working to fix any potential weak spots in their software. James Johnson, John Deere's Global CISO told the BBC that the company had been liaising with numerous ethical hackers on vulnerabilities they have found.
Benjamin Turner, Chief Operating Officer at Agrimetrics, one of four UK government-backed agri-tech centres of agricultural innovation, said:
"Hacking into one tractor, you can upset a farmer and maybe damage their profitability for a season. Hacking into a fleet of tractors, suddenly, you've got the power to affect the yield in whole areas of the country."
Recently, the University of Cambridge released a report looking into this issue. They found that multiple targets could fall victim to attackers – notably automatic crop sprayers, drones, and robotic harvesters could be hacked.
This issue is important, as smart technology is being used increasingly to make farms more productive and efficient. The most recent generation of agricultural robots are using artificial intelligence to minimise human involvement in the farming process. While they do help to plug a labour shortage or increase yield, the fear of the inherent security risk is growing, adding to concern over food-supply chains already threatened by the war in Ukraine and Covid.
Putin Bolstering Russia’s IT Security
Moving our focus over to Russia – President Putin said last Friday that Russia must bolster its cyber defences by reducing the use of foreign software and hardware. President Putin also claimed that cyber attacks on Russia by foreign “state structures” had increased several times over.
In a statement, President Putin said:
“Targeted attempts are being made to disable the internet resources of Russia's critical information infrastructure [...] Serious attacks have been launched against the official sites of government agencies. Attempts to illegally penetrate the corporate networks of leading Russian companies are much more frequent as well."
In a meeting with the Security Council, Putin said that Russia would need to improve information security in key sectors and switch to using domestic technology and equipment.
"Restrictions on foreign IT, software and products have become one of the tools of sanctions pressure on Russia," Putin said. "A number of Western suppliers have unilaterally stopped technical support of their equipment in Russia."
This is definitely a story to keep an eye on over the coming weeks as the conflict in Ukraine continues to develop.
Ransomware Groups Leveraging Old Vulnerabilities
In an article by Jill McKeon, she examines the new report from Cyber Security Works (CSW). In the report, CSW notes that researchers have observed ransomware groups leveraging vulnerabilities that were multiple years old to exploit their victims. This illustrates an ongoing trend of threat actors targeting known vulnerabilities and trusted attack methods rather than using and developing new ones.
Since January 2022, researchers have observed a 7.6% increase in vulnerabilities tied to ransomware, the report stated. Notably, 11 of the 22 newly added vulnerabilities linked to ransomware were first disclosed in 2019, “indicating that ransomware groups are on the hunt for vulnerabilities with pre-existing means of exploitation,” the report noted.
Jill explains that these findings also align with the Q1 2022 report from the Health Sector Cybersecurity Coordination Centre (HC3). They saw threat actors leveraging legitimate tools and existing weaknesses to exploit victims rather than developing custom malware. HC3 observed threat actors favouring file transfer, remote access, and encryption tools to infiltrate target organisations.
More details can be found in the sources below.