By Glen Hallick, Commodity News Service Canada
Winnipeg, Nov. 16 (CNS) Phishing attacks, data theft and data manipulation are a few of the dangers producers, as well as, everyone else faces, when using digital technology.
Two experts on the subject, Adrienne Ehrhardt of Michael Best and Friedrich LLP and Doug Tait of Thompson Dorfman Sweatman LLP, spoke about the importance of cyber security on farms at the Grain World conference in Winnipeg, Man. on Nov. 14.
“With all of the technology that’s floating around there are a lot of threats out there that most people haven’t considered,” Ehrhardt said.
Tait said the myriad of Internet of Things (IOT) devices, of which there are a total of 23 billion connected around the world, are increasing at a rapid rate. He said the total number of IOT’s is expected more than triple by 2025.
“In the agriculture sector alone it’s experiencing an IOT growth rate of 20 per cent compounded yearly and by 2025 there will be an estimated 224 million devices,” he said.
Tait said the data that can be gleaned from agriculture can be very valuable to not only other industries, but also to “the bad guys.” He added the more devices there are the more vulnerable farmers can be.
One simple preventative measure, Tait said, producers can take is changing the passwords on their IOT devices. Too often the password on countless devices is ‘admin’ and that makes it extremely vulnerable. Both experts strongly suggested producers come with pass phrases that are unique to them rather than relying passwords. Tait said there is a database on the ‘Darknet’ that contains approximately 50 million passwords that have been used nefariously to get into systems.
“People today are still using ‘123456’ or some password that is very easily guessable,” he said.
Ehrhardt said cyber security is not only about data theft but also data manipulation and that she said can result in crops dying.
And of course there can be financial losses due to phishing attacks in which people unknowingly give up sensitive information. She suggested people “go old school” when dealing with large financial transactions by speaking over the phone to the person who is to receive the money to verify the transaction has been completed correctly.
Also, Ehrhardt said producers need incident response plans when they have incurred a cyber-attack, such as having your data backed up, having an IT expert to call and having a process to determine when and where the breach occurred.
“The same types of risk mitigation in other industries can be borrowed or applied to the ag sector as well,” she said.
While there is cyber insurance, Tait pointed out that industry is something of a “wild West.”
“The plans differ significantly, so when you’re looking at cyber insurance make sure you get a very trusted insurance advisor or a lawyer to look over the language. The language between policies may have the same words but they may not mean the same thing,” he said.