You may have heard about Russian hacking into U.S. computers, but what you may not know is the potential impact hacking could have on U.S. agriculture, according to a professor at Auburn University.
“The Russian government and military are quietly probing our nation’s computer systems that control our critical infrastructures,” says Bob Norton, chair of the Auburn University Food System Institute’s Food and Water Defense Working Group.
Hackers can gain access to private, corporate and governmental computer systems by taking advantage of vulnerabilities in those systems, and often preying upon unsuspecting users. “Their goals are to learn how our systems work, find out which larger networks are connected to them and to locate their weaknesses and defenses,” Norton explains.
The victims of these attacks may not even be aware that their systems are affected. The concern is that these systems can be accessed or malware activated later, should hostilities with the U.S. occur.
“These clandestine probing efforts could be weaponized to shut down computer systems and even destroy the power grid, the food supply chain, water plants and wastewater plants,” Norton says. “Equipment associated with farm operations, processing plants, irrigation and other operations could become targets.”
Criminals sanctioned by the Russian government or members of the Russian government or military, steal credentials, proprietary information and carry out identity theft, according to Norton. The most likely scenario would be for malware to destroy industrial control systems, which would cause food production to come to a screeching halt, at least temporarily.
Follow these best practices
While the private sector cannot directly impact the security of corporate and government computer systems, a general knowledge of cybersecurity best practices for all computer users is important because of the prominence of hacking and phishing attacks. Here are some steps you can take to identify and mitigate common issues:
- This usually occurs when a user has downloaded a file or visited a website that downloaded a file that is malicious. It is vital that you and your employees are proactive in paying attention to downloaded files - only download files from websites you know. In addition, ensure that you are running up-to-date antivirus software on every computer on your network. You may also consider using security plugins for browsers and email, as well as router-based antivirus and monitoring.
- If you are using the same username and password for every account, especially for work and home, you should stop immediately. If you have trouble remembering passwords, consider using a password manager like LastPass. When you use the same password and usernames, hackers test them on different sites to see if the same credentials work elsewhere - and they are frequently successful. You should also consider adding two-factor authentication and Google Authenticator. Add any and all security options offered for your online accounts - especially for financial and email accounts.
- SSL. When visiting a website, look for the lock in the browser address to ensure that the site is SSL encrypted. Without that, hackers may be able to infiltrate the information you enter into forms.
Other beneficial ways to prevent hacking include keeping your router software updated, avoiding making transactions on public WiFi networks, maintaining and using reputable software, using a firewall and encrypting files before sharing them.
The only way to prevent and combat these attacks is for individuals, businesses and governmental entities to take online security seriously. It only takes one successful phishing attempt on an individual or system with significant control or information to cause extensive harm.
The opinions of the author are not necessarily those of Farm Futures or Farm Progress.