Security News > 2021 > August > Connected Farms Easy Pickings for Global Food Supply-Chain Hack

A group of hackers made an unnerving DEF CON 29 presentation showing how the sprawling growth of digital and automated farming has left the world's food supply chain vulnerable to cyberattack.

According to John Deere, current tractors being sold are connected to a moisture sensor monitor called HarvestLab, and an overall monitoring software system called Harvest Monitor, which displays real-time productivity measurements on a monitor.

It's easy to see how this seamless, constant data collection and analysis could be handy for farmers, however the security of holding all that data on the world's modern farms in one single platform begs consideration, Hackerman points out.

With some additional time, Sick Codes was able to breach the John Deere platform to make changes to supply networks, equipment reservations and even the contact details of those who received "Demo units" from John Deere.

To improve security at John Deere, the company said it has increased annual security investment by 750 percent and partnered with HackerOne for a bug-bounty program.

The DEF CON 29 presentation explained that Sick Codes was assembled in consultation with a farmer and grandson of a John Deere board member, Willie Cade; a farmer and engineer out of Nebraska, Kevin Kenny; as well as Paul Roberts from Security Ledger who first mentioned to Goodman that John Deere didn't have any CVEs.

News URL

https://threatpost.com/connected-farms-food-supply-chain-hack/168547/