close
close

Food security is national security

Posted on by darion

Universities are working with industry and government to enhance cybersecurity.

Editor’s note: This story is from an episode of Seed Speaks. To watch this episode, click here.

In 2017, a major cyber espionage incident highlighted security vulnerabilities in the U.S. seed industry. The Chinese company was accused of hacking into the networks of leading US agricultural biotechnology companies such as Monsanto, DuPont Pioneer and Syngenta. Hackers used phishing emails to infiltrate these companies’ networks and steal valuable intellectual property related to genetically modified (GM) crops.

This stolen data, which included proprietary information on genetically modified seeds and trade secrets, posed significant economic risks and threatened market disruption through the potential introduction of counterfeit products. This incident highlighted the urgent need for robust cybersecurity measures in the seed industry and was a catalyst for improved cyber defenses and industry cooperation.

“Cybersecurity is something that can essentially be aimed at equipment manufacturers, the seed industry and the livestock industry,” said Jim Reecy, vice president for research in the College of Agriculture and Life Sciences at Iowa State University. “All the same techniques are used by bad actors, so what we learn in one aspect of agriculture can easily be applied across the entire (entire value chain).”

Cyberattacks targeting the food and agricultural industries, including the seed sector, are on the rise in the United States. To address these evolving threats, the National Food and Agriculture Information Sharing and Analysis Center (ISAC) has partnered with Iowa State University, the University of Nebraska, Purdue University and Virginia Tech. The goal of this collaboration is to connect university research experts with real industry threats to develop solutions that protect the sector.

“We proactively investigate threats to better protect the food and agriculture sector,” says Jonathan Braley, ISAC’s Director of Food and Agriculture. “Our partnerships with trusted universities and industry associations are designed to disseminate better information and analysis across the industry.”

Braley emphasized that the partnership is critical to monitoring threats and providing knowledge on emerging technologies for the agriculture and seed industries.

The urgent need for cybersecurity

Josh Detre, director of the University Health, Food, and Agriculture Resilience Consortium at Purdue, says that while cybersecurity in the food and agriculture sector may not receive the same attention as it does in the financial or healthcare sectors, it is a key area of ​​focus.

“Cybersecurity in agriculture is often overlooked,” he says. “This partnership allows us to work with other great universities to solve real industry problems.”

A recent study indicates that there have been at least 30 major cyberattacks on U.S. agriculture over the past decade, each causing an average of $200 million in damage.

“The average time to complete a cyberattack in the biological sector, including agriculture, is 21 days. This delay can be detrimental, making it difficult to assess and mitigate the effects,” says Feras Bartaseh, an associate professor in the Department of Biological Systems Engineering at Virginia.

Connecting academia and industry

The partnership aims to influence research and development in the seed sector, with a particular focus on high-security issues such as genetic modification and crop resistance.

“University researchers can work with industry to address these issues on an ongoing basis, improve communication and develop practical solutions,” Detre emphasizes.

University of Nebraska Associate Vice President and Director of Federal Relations Matt Hammons emphasizes the importance of connecting industry, academia and manufacturers.

“This partnership helps strengthen communication between researchers and industry, ensuring research really matters,” he says. “It also provides an opportunity to share challenges and collaborate on solutions.”

Hammons mentions Nebraska initiatives such as the On-Farm Research Network, which has connected producers with university researchers for decades.

“Manufacturers have a strong working relationship with the University of Nebraska, and this partnership strengthens that bond, enabling more effective problem-solving and innovation,” he added.

Proactive monitoring and reporting of threats

Braley emphasizes the need for a comprehensive approach to cybersecurity.

“Managing risk for the food and agriculture sector requires a partnership between industry, academia and government,” he says. “Not only are our university partners conducting research that is relevant to our members, but they are also opening up more opportunities to share threat information from Food and Ag-ISAC with small and medium-sized organizations. This university partnership program is an essential step in defending and protecting the sector.”

Braley said ISAC provides weekly threat reports to its partners, helping them stay ahead of potential attacks.

“We track vulnerabilities in IT and industrial systems, monitor ransomware trends and build collaboration opportunities,” he says. “Our reports provide valuable information to industry members.”

ISAC reports include detailed analyzes of critical security vulnerabilities, ransomware attacks and operational technology threats.

“This collaboration also allows us to share our findings with government agencies and industry associations,” he adds.

Braley also emphasizes the importance of addressing the biological component of cybersecurity in agriculture.

“Cyberbiosecurity is unique to agriculture, affecting seeds, crops and genetics,” he explains. “A threat to one aspect can spread quickly, affecting the entire supply chain.”

Supporting smaller companies and individual farmers

The partnership also aims to benefit smaller seed companies and individual growers. Braley mentioned that while not all companies have the resources to join ISAC, the organization produces guides and reports to support the entire sector.

“We understand that smaller companies may not have dedicated cybersecurity teams,” he says. “Our goal is to share lessons learned and provide advice on how to improve their defense.”

Detre emphasizes the key role of Cooperative Extension’s efforts in reaching smaller farms.

“Many small farms lack the ability to manage cybersecurity,” he says. “It’s essential to incorporate cybersecurity into extension efforts and find innovative solutions.”

Food and agricultural security is national security

Looking to the future, ISAC plans to expand the partnership to include more universities and agricultural companies.

“We have started this collaboration with an initial group of partners we have worked with before, but we are open to expanding as we identify more interested universities and organizations,” Braley says.

The broader implications of cybersecurity in agriculture go beyond immediate threats. Cybersecurity is of great importance to the seed industry due to the high value of intellectual property (IP). Seed companies invest significantly in research and development to create new, resistant seed varieties. Protecting your intellectual property from cyber theft is critical to maintaining your competitive advantage and ensuring your financial returns.

The integrity of data used in precision agriculture is crucial. Cyberattacks can corrupt or alter key data, leading to poor decisions about planting, breeding and managing crops, which can result in significant financial losses and operational disruptions. Ensuring supply chain security is also critical as cyber incidents can disrupt seed distribution, impacting availability and quality for farmers and ultimately the food supply.

Agriculture is a cornerstone of national and global economies, and cyberattacks on agricultural systems can disrupt food production and distribution, leading to shortages and economic instability. Protecting sensitive data, such as financial information, customer data, and proprietary farming practices, is also essential to prevent breaches that could compromise privacy and operational security. The growing reliance on mobile devices in modern agriculture creates additional security gaps. These devices, used to monitor and manage crops, livestock, and equipment, can be targeted by hackers.

Maintaining trust and reputation is another key aspect of cybersecurity in agriculture. Farmers and agricultural businesses must maintain strong relationships with consumers, suppliers and partners. Cyber ​​incidents can seriously damage this trust, causing long-term reputational damage and financial loss. Furthermore, ensuring food safety and quality is of paramount importance; cyberattacks affecting agricultural systems can lead to the contamination or alteration of food products, posing a serious risk to public health. Investing in strong cybersecurity measures is essential to protect the seed industry and the agricultural sector as a whole, ensuring the stability, security and sustainability of food production systems.

“Food security is national security,” says Detre. “Agriculture is linked to public health, water security, animal health and more. We must protect it from evolving threats.”

“Our main goal is to ensure safe food supplies for many years. Collaboration between industry, academia and government is a step in the right direction,” says Braley.

“We need to be creative in our communication and strategic in solving these problems,” Hammons adds. “The synergies from this partnership are promising.”

More information about the group’s progress can be found at https://www.foodandag-isac.org/.