* Carlos Borella
Much has been said about the evolution of the use of technology in agribusiness. In fact, the last few decades have been revolutionary for the sector worldwide, with the development and implementation of a number of new technologies. This movement, added to the growing competitiveness, the need for increasingly larger production volumes and the high investments destined to the sector, has enabled the use of the most diverse technologies and solutions simultaneously, giving rise to what some experts already call Agriculture 5.0, or simply Agro 5.0.
The concept goes beyond the use of technology, foreseeing the existence and operation of the so-called “ghost farms” (from the English term ghost farms). What experts call phantom farms are, in fact, farms that will be fully functional with very little or no human participation. For this, they will rely only on robots, software and mechanization / automation of the production process.
In this sense, the operation of these farms will be increasingly dependent on technology. We are talking about an entire production chain operated by hundreds, or thousands, of connected devices. If, on the one hand, the concept opens up new possibilities, on the other hand it brings to the field a hitherto uncommon concern: cyber risk management.
It is not difficult to imagine that fully automated ecosystems are subject to risks such as espionage or attacks financed by interested parties, be they companies or even other countries.
The fact is that, together with the concept of Agro 5.0, we will see a growing concern with the elimination of the materialization of certain threats and, consequently, operational, financial, image impacts, etc. Want an example? Imagine unauthorized access, or attack, to one of these farms.
From this access, the attacker could obtain relevant information on processes that range from planting schedules to processing. This means access to information about the crop, crop volume, etc., or its processing, for example, in the case of sugarcane, the percentage defined for sugar or alcohol. With this information in hand, malicious parties participating in the ecosystem could direct negotiations or even directly influence prices.
In more specific situations, where the goal would be to cause damage by influencing the productivity of the operation, an attacker could have control of devices. With this, he could, for example, interrupt or intensify the irrigation of crops, causing incalculable losses for the operation.
Historically, there are countless incidents involving espionage motivated by stakeholder interests, often even financed by countries, more specifically governments with specific interests. There is no doubt that we can soon witness attacks aimed at espionage aimed at agribusiness, thanks to the high level of automation and computerization of these operations and, mainly, due to the worldwide relevance of the sector.
At this time, list or map all cybersecurity risks to which these operations may be exposed is only the first step. Along with the dissemination and popularization of the use of technology, it is necessary to start discussing the relevance of cybersecurity to agribusiness. As these operations mature the use of technology, they need to start developing their risk management programs, or corporate risk programs, considering the risks to which they tend to be more exposed from now on. It is the second step of a long journey.
* Carlos Borella is CEO of Safeway
SAFEWAY is an Information Security consulting company, recognized by its clients for offering high value added solutions through projects that fully meet business needs. During these years of experience, we have proudly accumulated several successful projects that have earned us credibility and prominence in our clients, which constitute in large part the 100 largest companies in Brazil.
Today, through 22 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people. SAFEWAY's SOC uses QRadar to monitor customer environments.