Don’t let cyber criminals plough through your data



It’s safe to say that we love a bit of farming in the East of England. In fact, as an industry it has seen an increase of 31% in income over the last five years, with wheat, poultry meat, fresh vegetables and pigs all accounting for a 51% share of the market (according to Defra Aggregate).


Kent, for example, is considered the Garden of England and has some of the most fertile soils and best-growing weather conditions in the country, with more than 70% of the area operating as farmland. East Anglia is another, with around three-quarters of the region used for agriculture and farmers playing an essential role in its local economy.


With the average farm size in the east region standing at about 121 hectares (larger than the English average), its clearly big business and as this sector continues to grow the reliance on digital connectivity, management software and automation for enhanced efficiency increases.


And yet, the difficulties rural communities, such as Kent and East Anglia have with accessing reliable broadband services presents a field day for cyber criminals. Add to that the increasing average age of farm owners and the strong likelihood of them not being up to speed with the pitfalls of being connected online can bring, and it significantly increases the vulnerability.


Simply having an email address or online banking expeditess the chances of cyber threats. The risks become much more significant with the uptake of investment in high-spec tech in a sector which is relatively new to digital-centric approaches to running a business. The Cyber Security Breaches Survey 2021 states that four in ten businesses (39%) have reported breaches or attacks in the last 12 months, with the average cost of damage close to £8,500.


There’s often a misunderstanding throughout the industry that cyber intruders are only interested in the likes of JBS which recently suffered a £8m ransomware attack and not the machinery dealer in Lakenheath, Suffolk or the family-run fruit growing business in Wisbech, Cambridgeshire. This is not the case at all. Intruders are looking for any way in and for them, the mindset is not on the size of the cow but the fact it has meat.


And in this case, ‘meat’ equals data. This precious commodity includes things like your email address (personal or business), home address and contact numbers. They are the gateway to other sensitive information such as supply chain contracts, financial records and employee details. If you don’t have robust passwords to protect your devices and systems, this can spell grave consequences for your productivity, profitability, reputation and much more.


Imagine if someone hacked your remotely connected vehicles and immobilised them or leaked information about underperforming land? The ECRC is a police-led, not for profit offering free memberships, as our core purpose is to simply help businesses in the region be safer. We’re here to steer farm owners in the right direction for beefing up online safety measures, starting with these suggestions which are easy to incorporate into your everyday tasks:


Passwords

· Use strong and separate passwords for all email and software accounts. If a hacker gets into your email, they could reset your other account passwords and access critical information you have saved about yourself and your business.

· Create strong passwords using three random words eg ‘FieldStrawberryGrassSunshineShark’ - you can incorporate special characters or numbers if the website needs you to.

· Consider using a password manager– because when you use different passwords for your important accounts, it can be hard to remember them all. Often your internet browser will do this for you: it allows you to store, generate, and manage your passwords in one secure place

· Enable two-factor authentication (2FA) on email accounts and software apps (a code is sent via text to your phone or generated by an authenticator app to verify that you are the rightful user of the account)

Tech and data

· Keep your software updated – cybercriminals are able to use known flaws in your software to gain access to your system so regularly check for and install updates to help withstand hacking technologies and methods. Anything that is no longer supported is best deleted!

· Backup your key data – keep it secure by backing it up on an external hard drive which isn’t permanently connected (either physically or over a local network) to the device holding the original copy. Alternatively, a cloud-based storage system is useful as you’re saving a copy of your data elsewhere, hosted by someone else out on the internet. This means that if your device is stolen, damaged, there’s a fire or you suffer a ransomware attack, your data is not lost.

· Use a secure network at all times – any device connected to the internet such as smartphones, tablets or GPS trackers can be exploited by criminals so setting a secure password on your wireless network will prevent unauthorised individuals from hijacking the network.

Knowledge is the key here, so we also recommend staff awareness training. This can be as simple as sharing the tips above to make sure your employees also gain a level of understanding about where the potential risks are and how to mitigate them.

Further support is available through the National Cyber Security Centre (NCSC), which has joined forces with the National Farmers’ Union (NFU) to produce fantastic guidance on improving cyber resilience in the agri-farming industry.


The ECRC’s FREE core membership package includes regular NCSC cyber updates, an exercise tool of a ‘dummy run’ of a cyber-attack, alongside access to a toolkit and practical resources for safeguarding your business. Get in touch today to let us know how we can assist.



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.