When agriculture meets technology




Farming like all industries is fast becoming a technologically-savvy sector, with heavy investment being ploughed into new advancements.


Smart farms are becoming common place with GPS, robotics, sensors and actuators, big data, drones, and many more being used to increase productivity and sustainability.


And it’s not only the farmers who are getting to grips with these improvements, cyber criminals are now getting in on the action. Over the past 12 months, 376 reports of cybercrime involving businesses across the East of England have been made. This is a loss of £366.8k and that’s not including all the cases which have gone unreported.


In recent months, John Deere, which manufactures agricultural machinery, and its competitors have attracted the attention of independent security researchers looking for vulnerabilities in both hardware and software. Forbes reports that some of these vulnerabilities “could potentially allow malicious actors to gain access to sensitive applications and obtain administrative permissions that would expand their reach on OEM infrastructure. Attackers could also harvest sensitive information about customers, equipment and more that could be used in further attacks”.


Stark warning! As the agricultural equipment industry takes initial steps to address its cyber security, SMEs within the agriculture sector need to do the same with their understanding of the technology they use and the fundamentals of cyber resilience. The equipment manufacturers can build a product which has no vulnerabilities but that doesn’t help if the password you have set can be easily guessed, or if you can’t recognise a phishing email.


Where do you start?


Recognise what digital assets your business has. This means everything from the computer where you send your emails and run your farm management software, to the automated machinery, security cameras and smart phones which help run your farm.


o Are these up to date?

o Do you have any old machines which are no longer supported – these should be replaced if possible

What online accounts do you use? Social media, email, banking, Rural Payments Service, HMRC etc.

o these need to have strong, unique passwords and enable two factor-authentication wherever possible

What data do you need to backup and ensure that it is?! – this is the information that you need to be able to function

o Backups should be carried out regularly and stored offline, consider using cloud storage to achieve this

Keep your devices secure.

o Switch on password protection and turn on the encryption product into your operating system (e.g. BitLocker/Filevault)

Ensure you and your staff are aware of what phishing is. Most phishing emails or texts rely on the following.

o Authority (pretending to be someone official), urgency (you must respond immediately), emotion (does it make you feel scared, upset, panic), scarcity (is there a fear of missing out)

o Criminals may know the dates of your BPS payment window so be extra vigilant around this time


Support is available through the National Cyber Security Centre (NCSC), which has joined forces with the National Farmers’ Union (NFU) to produce fantastic guidance on improving cyber resilience in the agri-farming industry.


The ECRC’s FREE core membership package includes regular NCSC cyber updates, an exercise tool of a ‘dummy run’ of a cyber-attack, alongside access to a toolkit and practical resources for safeguarding your business. Also, keep up to date with all our news on LinkedIn and Twitter.


Get in touch today to let us know how we can assist.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.