Don’t come a ‘cropper’ to cybercrime





This week would have seen the return of Wales’ celebrated Royal Welsh Agricultural Show instead, like most things these last 16 months its had to go virtual. Although not quite the same experience, the event is now in its 117th year, and brings together the finest in Welsh farming, agricultural industry and the high-quality food and drink produced in Wales, bridging the gap between town and country.


There are more than 24,500 farms across Wales specialising in crops, pig and poultry, dairy, sheep and grazing. It is the foundation of the £6.9 billion Welsh food and drink supply chain industry and represents over 58,000 jobs across the region.


It’s clearly big business and as this sector continues to grow, the reliance on digital connectivity, management software and automation for enhanced efficiency increases. ‘Smart farming’ and ‘precision farming’ are now terms used for this emerging information and operational technologies.


And, with these advances comes risk. E-crime activity is currently the most likely cyber threat to the agriculture industry, with nearly 80% of breaches across the sector being perpetrated by cyber-criminals last year. Farmers are now, more than ever potential victims of economically motivated targeted cyber-attacks as criminals seek to target their sensitive business data, so the requirement for cyber awareness is critical.


Ensuring their business security, farmers can follow simple practices to help mitigate these potential threats. Data is what an intruder wants, which includes things like your email address (personal or business), home address and contact numbers. They are the gateway to other sensitive information such as supply chain contracts, financial records and employee details. If you don’t have robust passwords to protect your devices and systems, this can spell grave consequences for your productivity, profitability, reputation and much more.


The difficulties rural communities across Wales have with accessing reliable broadband services presents a field day for cyber criminals. Add to that the increasing average age of farm owners and the strong likelihood of them not being up to speed with the pitfalls of being connected online can bring, and it significantly increases the vulnerability.


Imagine if someone hacked your remotely connected vehicles and immobilised them or leaked information about under-


performing land? The WCRC is a police-led, not for profit organisation offering free memberships, as our core purpose is to simply help businesses in the region be safer. We’re here to steer farm owners in the right direction for beefing up online safety measures, starting with these suggestions which are easy to incorporate into your everyday tasks:


Passwords

· Use strong and separate passwords for all email and software accounts. If a hacker gets into your email, they could reset your other account passwords and access critical information you have saved about yourself and your business.

· Create strong passwords using three random words eg ‘SeattleBookCoffee’ - you can incorporate special characters or numbers as well.

· Consider using a password manager– because when you use different passwords for your important accounts, it can be hard to remember them all. Often your internet browser will do this for you: it allows you to store, generate, and manage your passwords in one secure place

· Enable two-factor authentication (2FA) on email accounts and software apps (a code is sent via text to your phone or generated by an authenticator app to verify that you are the rightful user of the account)

Tech and data

· Keep your software updated – cybercriminals are able to use known flaws in your software to gain access to your system so regularly check for and install updates to help withstand hacking technologies and methods. Anything that is no longer supported is best deleted!

· Backup your key data – keep it secure by backing it up on an external hard drive which isn’t permanently connected (either physically or over a local network) to the device holding the original copy. Alternatively, a cloud-based storage system is useful as you’re saving a copy of your data elsewhere, hosted by someone else out on the internet. This means that if your device is stolen, damaged, there’s a fire or you suffer a ransomware attack, your data is not lost.

· Use a secure network at all times – any device connected to the internet such as smartphones, tablets or GPS trackers can be exploited by criminals so setting a secure password on your wireless network will prevent unauthorised individuals from hijacking the network.

Knowledge is the key here, so we also recommend staff awareness training. This can be as simple as sharing the tips above to make sure your employees also gain a level of understanding about where the potential risks are and how to mitigate them.

Further support is available through the National Cyber Security Centre (NCSC), which has joined forces with the National Farmers’ Union (NFU) to produce fantastic guidance on improving cyber resilience in the agri-farming industry.


The WCRC’s FREE core membership package includes regular NCSC cyber updates, an exercise tool of a ‘dummy run’ of a cyber-attack, alongside access to a toolkit and practical resources for safeguarding your business. Get in touch today to let us know how we can assist.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.