Agriculture in the crosshairs of nation-state sponsored hackers (2/5)

If you want to overcome your adversaries you must know both yourself and your enemies, and fully understand your enemies’ intentions. Hunt & Hackett has observed an discerning increase of activity of Advanced Persistent Threat groups (APTs) in the agricultural sector. In this series of blogs, the threat posed by APTs to agriculture industries is analyzed and it is explained what motives lie behind these cyber-attacks. In this part of the series, it is explained why nation states resort to cyber-attacks so easily and a first glimpse is offered into who the key APT threat actors in agriculture are. Part 1 can be found here.

For a long time in history, when the human world population did not exceed 2 billion people, farming was practiced on a small scale and meant for personal or local use. Fast forward to 2021: the 8th billion inhabitant of this planet will be born in the next 2 years and 2 billion more will see the light of day in the next few decades. Adding to that, the world population is also getting wealthier, raising the demand for food even more. Over 800 million people already do not have sufficient access to food. This plays out at the time that the world is also dealing with the challenges of climate change. It is therefore no wonder states worry about their population’s food security. The need for larger yields is ever growing and has forced countries to look outside of their borders in order to learn about new techniques and knowledge, which is also visualized in Figure 1.


 The challenges for the global agriculture industry

Figure 1 – The challenges for the global agricultural industry.

To meet the increased demands, farming has evolved to a stadium long past the one of hitching an ox onto your plow and hoping you harvest enough crops to make some money at the local market. Nowadays, the food system is a global interconnected industry using genetically modified seeds and state-of-the-art automated technologies to secure the biggest yields and use the available land as efficiently as possible. The food supply chain is highly concentrated with a limited number of organizations controlling the global market. Innovation by the leading organizations is widely regarded as potential solution for the rising demand while dealing with the devastating impact of climate change and resource scarcity. Through academic and research partnerships, mergers and acquisitions, and other ways of cooperation between countries, knowledge gets the chance to spread around the world. However, for some states this overt cooperation is too slow, too costly or simply not a viable option. They prefer or complement their licit activities with an illicit way of obtaining information and technology: cyber-attacks.


"There are now three certainties in life - there's death, there's taxes and there's a foreign intelligence service on your system."

- Sir Iain Lobban, Former Director GCHQ


Information and technologies that could help nations in providing food security for their population is badly wanted. Through cyber espionage, expensive and time absorbing R&D projects are being avoided while the risk of getting caught or facing lasting consequences is low. Through their own, sponsored, affiliated or tolerated APT-groups, governments can deploy highly sophisticated cyber-attacks anywhere in the world from a safe distance. This distance is not just physical, governments often deny any kind of connection to the affairs of these APTs. By doing so, it is difficult for the international community to punish or blame governments for the cunning cyber-attacks of their APTs, even though little question exists about their actual involvement.


Origin countries of APTs active in agricultural and related industries as observed by Hunt & Hackett

Figure 2 - Origin countries of APTs active in agricultural and related industries as observed by Hunt & Hackett


There are many countries known to make use of APTs extensively, even Western allies like the UK, France and the US sometimes attacks friendly nations. However, in the agricultural sector and related industries, most cyber-attacks are being commissioned by the usual suspects: China, Iran, Russia and North Korea (see also Figure 2). Using their extensive cyber capabilities has become an integral part of their strategy to further develop their economy. Where some countries, like the Netherlands, focus on defensive cybersecurity, other countries have already set up offensive cyber-capabilities and use them for economic espionage. In the next parts of the series, we will look into why these countries in particular stand out in their use of APTs in the agricultural sector and what activity has been observed in the past.



Keep me informed

Sign up for the newsletter