Top tips for improving your nursery’s cybersecurity

By David Hunt, Smart Farming Project Officer

Smart technology or Agtech is constantly improving, becoming more affordable and easier to use with a wide range of these technologies now available for monitoring crops or automating processes. However, the convenience these technologies provide also bring with them issues of computer and internet security.

At the Smart Production Nursery in Torbanlea, Queensland, we are continually trialling Smart technologies to improve nursery production processes, as part of the Smart Farming Projects Partnerships funded by the National Landcare program, Greenlife Industry Australia (GIA) and Hort Innovation. If you are thinking about installing Smart technology in your nursery as we have done, then you must also assess the cyber security of your computer network and all computerised systems connected to it.

Any smart technology, be it a simple water quality sensor streaming data to an office dashboard, or a highly sophisticated computerised irrigation controller with remote connectivity, is potentially exposed to hackers when it is connected via the ‘Internet of Things’ (IoT) or the ‘cloud’. Without the appropriate cybersecurity in place, your technology could be the gateway for a ransomware attack.

Unlike computer viruses that can usually be removed from the computer, a ransomware attack is an active intrusion into your computer system by a hacker with the intention of stealing your data and holding you to ransom. Once a hacker has control of your computer, there is little chance you will be able to retrieve your files.

The Australian Cyber Security Centre in their Annual Cyber Threat Report 21-22 identified ransomware and cybercrime as the most destructive threat to all sectors of the Australian economy¹. In November 2022, the internet security company Bitdefender listed Australia in the top 10 countries most impacted or targeted by cybercriminals for ransomware attacks².

Hacking to a hacker is simply business, they do not care who you are or what business you run, they are only interested in extorting money as quickly and easily as they can. They look for vulnerabilities in both the software and hardware of a computerised system. Once they gain access to a system, these hackers look for high priority data such as business or production data and block your access in what is called a ‘Denial of Service’ (DoS) attack.

Imagine if your climate-controlled propagation greenhouse was taken over by a hacker demanding a ransom. These people could stop the irrigation, close all vents, suffocate your crops, and destroy the main computer leaving you with no product to sell and a greenhouse that needs a new control computer. Or what if they got access to your order delivery system? They could redirect shipments to the wrong customer, costing you more and damaging your business’ reputation.

However, it is not all doom and gloom. Technology companies are constantly designing better security programs and developing patches to fix vulnerabilities. There is also an increasing number of ‘ethical hackers’ constantly looking for vulnerabilities so as to develop patches to block ransomware attacks.

So how can you keep your computer system safe?

If you have recently upgraded your office PC to the latest system and installed a high-level internet security program, then that is a good start. However, if you are still using a 10-year-old computer in the back room for inventory or basic functions, and it is connected to the internet, it could still be a vulnerable point of entry.

Here are some tips to help you keep your nursery business safe from ransomware and other malicious attacks on your operating systems:

1. Regularly update software on all your computers

If your computers are more than three years old, and/or are running on an older operating system, and/or you have not done any software updates recently, spend some time updating all software on all your computers now. If you only have a basic antivirus program without malware or ransomware monitoring, consider upgrading your security software. Remember to have your routers, modems and servers checked as well. Some older units are known to have firmware vulnerabilities that hackers can use to penetrate your operating system.

2. Protect your passwords

Ensure all passwords are strong and activate two-factor authentication to make it harder for hackers to get access to your system. Back up your files to a separate storage system or external hard drive.

3. Remember to update your mobile phone

Always update your mobile phone operating system as well. Although mobile phones use a sandbox function to isolate apps from the central operating system, downloading an unknown or unsecure app from a third-party website could provide a pathway for an infected or corrupted app to be installed. Apps installed from the Apple, Windows or Google Play stores are all tested for vulnerabilities and security before they can be downloaded.

4. Seek the advice of your IT service provider

Talk to your IT service provider and have your network assessed for security. If you do not have an IT support service, talk to your local computer specialist, and arrange for a systems assessment.

5. Visit the Australian Cyber Security Centre (ACSC) for more help

The Australian Cyber Security Centre (ACSC) is the Australian Government’s portal for reporting a cyber-attack and where you can find advice on what to do if you are a victim of cybercrime. The ACSC have developed the ‘Exercise in a Box’ training resource that businesses can use to assess their cyber security, identify how to improve it, and practice how to respond to a cyber-attack.

The best way to stop a cybercrime is to prevent it from happening. So, when considering installing smart technologies, remember to also assess your computer network and your cybersecurity.  

References

1. Australia Cyber Security Centre, Annual Cyber Threat Report, July 2021 to June 2022, viewed 29 November 2022, https://www.cyber.gov.au/acsc/view-all-content/reports-and-statistics/acsc-annual-cyber-threat-report-july-2021-june-2022
2. Bitdefender Threat Debrief, November 2022, viewed 2 December 2022, https://businessinsights.bitdefender.com/bitdefender-threat-debrief-november-2022

The Smart Farming project has been funded by Hort Innovation nursery products research and development levy and the Australian Government’s National Landcare program. Hort Innovation is the grower owned, not-for-profit research and development corporation for Australian horticulture.