This week, I read a very interesting article about an incident where an OT (operational technology) device was subject to a ransomware attack when cyber criminals hit a dairy farm.
According to SecurityAffairs.com, “crooks took control of a cow milking robot and demanded a ransom from a farmer who refused to pay it, resulting in the death of a cow.”
It transpires that the milking robot wasn’t just in charge of milking the cows; it actually served as a database of everything to do with the life of the herd. This included data around age, weight, date of pregnancy etc.
“Cyber criminals hit a dairy farm” is not your usual headline. So how did this happen?
With all the cows’ data encrypted, the farmer lost the ability to manage his herd. As such, a pregnant cow didn’t get the medical attention it needed throughout its pregnancy and sadly died as a result of an avoidable medical complication.
For those of you who are interested in the CIA triad, this incident hit the “I” and the “A”. The data was encrypted, so its integrity was compromised and the knock-on effect was that the data was not Available.
Naturally, the incident came with a ransom note to the tune of $10,000. The farmer opted not to pay it but to try to rebuild the data from earlier backups. He did, however, end up spending $6000 on a new system.
Not an isolated incident
You might think that the opportunities where cyber criminals hit a dairy farm might be few and far between but, surprisingly, it’s not the first time this has happened.
“The Swiss Farmers’ Union (USC) noted other instances of cyber attacks on milking robots, but stated it’s not yet widespread,” SecurityAffairs.com added. “USC pointed out that the inability to milk cows is a critical issue.”
What I find interesting is that a dairy farm is not necessarily the most obvious of targets. I think, by and large, that a lot of farms (of all types) fly under the radar for the most part when it comes to cyber criminals. However, the digitisation of farming is big business, and as a result of the growth in that sector, there has been a huge amount of OT being rolled-out across the country recently. I can see the farming industry being a growing target for cyber criminals looking to cause widespread disruption.
If you look at your own industry, you may find that your manufacturing plants are more computerised than ever, or your supply chain may be going through somewhat of a digital revolution. It is important to understand the risks involved with all things computerised. I can envisage situations in which older computer-controlled machinery is now being hooked up to the internet in order to drive an app on your phone, or to a cloud-based management console where previously they were stand-alone machines that were air-gapped from the internet.
What does this mean in terms of cyber security?
I feel that this incident at the dairy farm is a very clear warning to not only those with OT environments, but also those who assume that they are safe from cyber criminals because they’re not a “usual” target.
I’m all for companies taking appropriate steps to secure themselves based upon their size, location, business type etc, because at least that shows they’ve given their security some thought. But I would also caution those businesses that just because they’re measuring risks as they see them, they may not identify the same risks that a cyber criminal would see. This will leave gaps and potential opportunities for malicious actors to take advantage of.
In short, do not assume you’re safe. Assess your risks, and get them sanity checked by a professional.
If you have concerns about your organisation’s cyber security, get in touch with me at rich@th4ts3cur1ty.company for a complimentary chat.