The growing threat to farmers from cybercrime

Threats to farmers from cybercriminals come in a whole range of forms
Threats to farmers from cybercriminals come in a whole range of forms

As more and more people use online tools to help run their businesses, farmers have been told to be wise to the threats of cybercrime.

Cybercrime is becoming one of the most common forms of criminal threat that farmers face.

In 2019 more than 60% of agricultural businesses reported one or more digital attacks, this compares to 46% of all businesses.

As the Covid-19 pandemic forces the country into an even more digital world, that threat is only becoming greater.

Phishing

Threats from cybercriminals come in a whole range of forms, the most common of these is phishing.

Phishing uses emails and text messages which appear to be reputable, purporting to be from organisations such as banks or the RPA, to try to harvest people’s bank details.

Dr Kreseda Smith, a Rural Criminologist at Harper Adams University, said that BPS payments make farmers particularly popular targets.

"Returns from the RPA are key targets for cybercriminals. With small businesses, payments in and out of banks are always a major opportunity.

"They know that in and around December farmers will have these significant sums going into their bank accounts," she said.

"The average age of farmers in the UK is 59. From that I think it is fair to suggest that not all farmers are particularly tech savvy, although I think that it is improving.

"Unfortunately, I think that does make it a little bit easier for some farmers to fall into the trap."

As well as phishing some of the larger farm businesses could be prone to ransomware, which uses software to hack and block a user’s system, and then blackmail them for what can be very substantial amounts of money.

Government research shows that in the last three years cases of phishing and ransomware have increased by over 10%.

In 2019 a Scottish farmer fell victim to a phone scam that saw him lose over £10,000.

The scammer manipulated the caller ID displayed on the receiving phone to make it look like the call was genuinely coming from his bank.

The caller asked the victim for confirmation of his financial details to confirm that a large payment being made to HMRC was genuine.

The scammer went on to use the information collected during the call to move a five figure sum out of the farmer’s account.

Technology

As more and more technology is used by farming businesses across the UK, the greater the threat it becomes.

Sam Durham, NFU’s Chief Land Management Advisor, and an expert in rural crime, said: "Farmers are getting more technological and using more data to manage their business.

"It is a whole range of data that is being harvested, sometimes it is environmental data getting into the hands of environmental groups, but it can be apps and automation being hacked into, such as some of the technology becoming more regularly used on laying farms.

"What our discussions with the National Cyber Security Centre (NCSC) have shown us is that as a country we are becoming more web-based, and with Covid that has increased even more, so farmers need to have a really good think about how their data is accessed."

What to do

Back in December the NFU teamed up with the NCSC to produce an online guidance booklet to help farmers prepare for the threats from cybercrime.

The document offers producers advice on protecting their systems from malware, keeping devices up to date, where to go for help, backing up data, and how to deal with scam text messages, emails, and phone calls.

Mr Durham said the document makes clear the methods which some of these people use: "Ultimately, if it seems too good to be true then it probably is, and you need to be really careful about giving your details away."

This was echoed by Dr Kreseda Smith: "Farmers need to be really careful with their passwords, and there is advice on this in the NFU guidance booklet.

"Remember that banks will not phone you and ask for your details. If you have any doubts make sure that you phone them back to make sure they are who they claim to be."

She also notes that farmers do need to consider the threats from viruses but says that these can be easily protected against by using anti-viral software and a secure backup system.

Machinery buyers

One area where farming businesses have been told to be particularly wary is when buying agricultural machinery.

There were warnings in October last year when an Orkney farmer was scammed whilst buying machinery online using eBay.

Once a price had been agreed, the victim was sent a fake PayPal link by the criminal, which meant the sale amount was transferred to the scammer’s personal bank account.

Cybercriminals have also been targeting farmers with a scam that involves creating fake websites which use legitimate business details based on real farms.

These websites are then used to advertise non-existent farm machinery, luring victims to part with their money for nothing in return.

Given the recent government restrictions buyers have been increasingly looking online to purchase expensive farm equipment.

The NFU encourages farmers to use a secure payment method with an extra layer of password protection, and check for the browser ‘padlock’ when shopping online.

If the website uses a ‘https’ web address and carries a security padlock in the browser, it means that any data entered is encrypted, making it harder for others to intercept.

6 tips to stay cyber secure

• Keep old software up to date

• Back up your data

• Use anti-viral software and a firewall

• Always use strong passwords

• Remember that the RPA or your bank will never ask for personal information in a text or email

• Scam emails and texts will often try to persuade you to click on a link