In this episode of the podcast (#227) we speak with Allan Liska, the head of the CSIRT at the firm Recorded Future. about the spate of attacks in recent months targeting food processing plants, grain cooperatives and other agriculture sector targets. Allan and I talk about the how these attacks are playing out and why, all of a sudden, the agriculture supply chain is under attack.
A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raise the specter of remote, software-based attacks that could cripple farms and impact US food production.
Forget about Colonial Pipeline and JBS. A coordinated cyber attack on U.S. agriculture could, in short order, lead to foot shortages and hunger in the U.S. and abroad. And history has shown us that when food gets scarce, things get ugly – fast. How likely is such an attack? More likely than you might think, says Rob Wood of NCC Group, our guest on this week’s podcast.
Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn.
In-brief: Hobbled by draconian copyright restrictions from manufacturers like John Deere that make it impossible to modify or repair equipment, farmers in the U.S. have turned to unofficial software produced in countries like Ukraine to maintain their equipment.
