The August 2022 issue of IEEE Spectrum is here!

Close bar

Cybersecurity Report: “Smart Farms” Are Hackable Farms

Net- and IoT-connected agriculture could help feed 8.5 billion by 2030—but also may be broadly vulnerable to cybersecurity threats

3 min read
Aerial view of a farmer using a digital tablet monitoring vegetables on large scale vegetable farm
Photo: Martin Harvey/Getty Images

Some have dubbed this the era of “smart agriculture”—with farms around the world scaling up their use of the Internet, IoT, big data, cloud computing and artificial intelligence to increase yields and sustainability. Yet with so much digital technology, naturally, also comes heightened potential cybersecurity vulnerabilities. 

There’s no scaling back smart agriculture either. By the end of this decade we will need the extra food it produces—with world’s population projected to cross 8.5 billion, and more than 840 million people affected by acute hunger. Unless smart agriculture can dramatically increase the global food system’s efficiency, the prospect of reducing global malnutrition and hunger—let alone the ambitious goal of zero hunger by 2030—appears very difficult indeed.  

Agriculture 4.0 (as smart ag is also called) aims not just at growing more food but also at increased efficiency, more powerful data analysis, and more intelligent automation and decision-making.

Although smart agriculture has been extensively studied, “the security issues [around] smart agriculture have not,” says Xing Yang from Nanjing Agricultural University in China. Research in the field to date, he adds, has mostly involved applying conventional cybersecurity wisdom to agricultural tech. Agricultural cybersecurity, by contrast, he says, is not given enough attention. 

Yang and his colleagues surveyed the different kinds of smart agriculture, as well as the key technologies and applications specific to them. Agricultural IoT applications have unique characteristics that give rise to security issues, which the authors enumerate and suggest counter-measures for. (Their research was published in a recent issue of the journal IEEE/CAA Journal of Automatica Sinica.)

For example, while field agriculture might be subject to threats from damage to the facility, poultry and livestock breeding may face sensor failures, and greenhouse cultivation could face control system intrusions. All of these could result in damage to the IoT architecture, both hardware and software, leading to failure or malfunction in farming operations. Plus, there are threats to data acquisition technologies—malicious attacks, unauthorized access, privacy leaks, and so on—while blockchain technologies can be vulnerable to access control failure and unsafe consensus agreement. 

In Yang’s opinion, the most pressing security problems in smart agriculture involve the physical environment, such as plant factory control system intrusion and unmanned aerial vehicle (UAV) false positioning. “The network for rural areas is not as good as that of cities,” he says, “which means that the network signals in some areas are poor, which leads to…false base station signals.”

The researchers also paid extra attention to agricultural equipment as potential security threats, something that recent studies have not done. “Considering that the deployment of IoT devices in farmland is relatively sparse and cannot be effectively supervised, how to ensure the physical security of these devices is a challenge,” Yang says. “In addition, the delay caused by long-distance signal transmission also increases the risk of Sybil attacks [which is] transmitting malicious data through virtual nodes.”

In their experiments with solar insecticidal lamps, for instance, they found that the lamp’s high voltage pulse affects the data transmission from Zigbee-based IoT devices and data acquisition sensors. Thus, Yang says, to minimize unnecessary losses, it’s important to study each device in the context of how it’s actually deployed in the field, including the possible safety risks of specific agricultural equipment.  

The study also summarizes existing security and privacy countermeasures suitable for smart agriculture, including authentication and access control protocols, privacy-preserving frameworks, robust intrusion detection systems, and cryptography and key management. Yang is optimistic that the application of existing technologies—such as edge computing, artificial intelligence and blockchain—can be used to mitigate some of the existing problems. He says that AI algorithms can be developed that might detect the presence of malicious users, while existing industrial security standards can be applied to design a targeted security scheme for agricultural IoT. 

This represents a significant research challenge, he says, because current datasets used in deep-learning approaches are not based on smart agriculture environments. Therefore, new datasets are required to build network intrusion detectors in a smart agriculture environment. “These [new] technologies can help the development of smart agriculture and solve some of the existing security problems,” Yang says, “but they have loopholes, so they also bring new security issues.”

The Conversation (0)

How the FCC Settles Radio-Spectrum Turf Wars

Remember the 5G-airport controversy? Here’s how such disputes play out

11 min read
This photo shows a man in the basket of a cherry picker working on an antenna as an airliner passes overhead.

The airline and cellular-phone industries have been at loggerheads over the possibility that 5G transmissions from antennas such as this one, located at Los Angeles International Airport, could interfere with the radar altimeters used in aircraft.

Patrick T. Fallon/AFP/Getty Images

You’ve no doubt seen the scary headlines: Will 5G Cause Planes to Crash? They appeared late last year, after the U.S. Federal Aviation Administration warned that new 5G services from AT&T and Verizon might interfere with the radar altimeters that airplane pilots rely on to land safely. Not true, said AT&T and Verizon, with the backing of the U.S. Federal Communications Commission, which had authorized 5G. The altimeters are safe, they maintained. Air travelers didn’t know what to believe.

Another recent FCC decision had also created a controversy about public safety: okaying Wi-Fi devices in a 6-gigahertz frequency band long used by point-to-point microwave systems to carry safety-critical data. The microwave operators predicted that the Wi-Fi devices would disrupt their systems; the Wi-Fi interests insisted they would not. (As an attorney, I represented a microwave-industry group in the ensuing legal dispute.)

Keep Reading ↓Show less