Like biosecurity, cybersecurity is essential for rural industries

When you enter Australia, you meet some of the strictest biosecurity screening in the world. Even domestically, if you travel to South Australia with any kind of fruit in your bag, you could be facing a $375 fine.

These protocols may seem frustrating. But they’re crucial in keeping our unique environment and rural industries—such as food and agriculture—safe from biosecurity threats.

But biosecurity is far from the only threat to rural industries. As these industries evolve and the adoption of new technologies and devices increases, we lack investment and understanding of less visible but equally damaging security threats such as cybercrime.

The agrifood tech industry is rapidly evolving in Australia, attracting $800 million in investment every year. Smart devices and machinery using artificial intelligence and internet of things (IoT) connections are becoming more integrated in supply chains.

They’re also crucial in helping the sector tackle an increasingly difficult production environment. High resolution weather monitors, powered by AI and satellite radar systems, are providing farmers with data to help deal with ever-changing and increasingly severe weather patterns.

Some devices are allowing businesses to be more data-driven, while others are offering previously unthinkable flexibility in distant control of essential devices. Refrigerator temperatures can be controlled from afar, irrigation networks can be managed from elsewhere on the farm, and self-driving tractors are set to hit the market in 2026.

Innovation and technology adoption will be necessary to meet the National Farmers’ Federation’s ambitious plan for the industry to exceed $100 billion farm-gate output by 2030. To achieve this, the industry needs to almost double its current annual growth rate, from 3 percent to 5.4 percent. But the plan fails to mention cybersecurity, a key factor considering these innovations can be susceptible to the deep dark corners of the web.

For food storage, the ability to control temperature storage units from afar increases flexibility and allows for optimised storage of goods. But what if the temperature control system is breached, contaminating all of the product? Worse, what if a breach goes undetected and contaminated food reaches supermarket shelves?

Sometimes these breaches may not even be malicious attacks. They may be unintentional outages. But without systems to find and report these outages efficiently, the effects are exacerbated.

Due to the vertical integration of the food and distribution supply chain, if any of these devices are threatened or outages occur, the breach can ripple throughout the industry, disrupting national and global food supply chains and putting people’s health at risk.

IT, IoT and operational technology (monitoring-and-control systems) have become so embedded in the processing of our food and grocery supply chains that their smooth running is now crucial for business and industry continuity.

In 2023, a cyberattack forced US food giant Dole to suspend production in North America and halt food shipments to grocery stores. Although resolved quickly, the outage caused days of delays.

The most notable and largest attack on the agriculture, food and distribution industry was the cyber attack on the world’s largest meat supplier, JBS in May 2021. For five days, the attack caused JBS to temporarily close factories in the US, Canada and Australia. To unlock its systems and continue production, JBS had to pay hackers around $16.5 million.

Not only are products and goods at risk from malicious cybercrime in the industry, but business critical data is stored throughout the extensive supply chain network. And in cybersecurity, data is the prize.

In 2020, there was a ransomware attack on Talman Software, the IT system underpinning auctions and exports used by 75 percent of Australia and New Zealand’s wool industry. Although this attack did not affect the distribution of perishable products, the system shutdown prevented wool sales that the week, withholding $70 million worth of product from the marketplace. Once up and running again, this caused an increased supply of wool in following weeks and drove prices down. The consequences of one business outage shook the entire industry.

We know how important agriculture, food and distribution companies are for Australia. That’s why we need to view cyber-physical system security in IT, operational technology and IoT as essential.

Protecting this critical infrastructure from cybercrime is critical, and there are important legislative requirements such as the Security of Critical Infrastructure Act to which these industries need to adhere.

The increased integration of technology is necessary for Australia to remain a leader in these industries and should be encouraged.

But with innovation there is often risk, and as we do at the border with biosecurity, we need to pay close attention to how we can proactively prevent threats from infiltrating our supply chains.

You might also like
Government needs to ensure Australia’s digital sovereignty
Lifting northern Australia’s protein profile
The Pacific needs greater cyber resilience as malicious actors break into networks
Spyware is spreading far beyond its national-security role
Undetected and dormant: managing Australia’s software security threat
Getting regulation right to improve Australia’s cybersecurity