I Think You Were Hacked!

Messages were pouring in from friends and family via text and social media saying "I think you were hacked". I see this happen to friends all the time and I guess last week my luck ran out when someone created an account in my name.

I found "my" fake account on Instagram and reported it. However, my curiosity got the best of me, so I engaged with fake "me". Despite my pleasantries “me” urgently needed $200 via Cashapp to "save my soul from jail." I should've blocked hacker "me" at this point but instead I called hacker “me” …multiple times. My calls were refused over and over, but a man finally picked up. In broken English he yelled “Are you mad?” I had no response but instead laughed and hung up.

The fun was over. I blocked “me" and reported the account again. Meta removed the fake account about 12 hours later. Ironically, I still felt disturbed someone was impersonating me, contacting my friends and family, and even sent a screenshot of my real account to me as a threat for money. Time will tell if that's the end of his threats, but I won't be the last person or organization targeted by hackers.

The "USDA Agri-Food Supply Chain Assessment: Program and Policy Options For Strengthening Resilience", published earlier this year addressed many concerns affecting our food supply. We have a very productive agricultural system in the U.S. with widespread infrastructure, supportive public policy and a very strong private agribusiness sector but the past two years have highlighted many vulnerabilities in our systems. This is very apparent by the still bare shelves in grocery stores, numerous store closures, significant holes in our labor force, and an inefficient transportation system. A cyberattack on any one of these systems would further cripple our food supply.

Cybersecurity threats are a significant concern and a reality. May 2021 there was a cybersecurity attack on the second largest meat processing firm in the U.S. which forced a three-day closure of 25% of beef and 20% of pork processing capacity nationally. “Even temporary disruptions to food supply chains immediately affect nearly every American household, as food needs to be purchased frequently and consumed daily.”

Seed companies are victims of cyberattacks as well. This year, Stine Seed, the nation’s largest private seed company had their data systems attacked. The FBI became involved and thankfully Stine did not suffer heavy damage. Hackers target organizations who rely on intellectual property, high-tech processing, GPS systems, product data, and operational competitiveness.

When our food-supply is targeted we all become victims. A large-scale and organized cyberattack on agricultural companies would have significant humanitarian and financial consequences. According to the Internet Security Alliance “Cyber terrorism is a relatively low-cost venture with high payoff potential, making the risks of agroterrorism too large to ignore.”

How do you prevent being hacked? The USDA Rural Development office shared the following tips from MIT:

1. Turn on two-factor authentication (2FA). Accessing accounts require a password and a code texted to your phone.

2. Use good password hygiene and password managers. Make applications for password management available to employees and teach them to use strong, unique passwords for each of their accounts and logins.

3. Teach employees about phishing and malware. The most common attack vector is getting employees to click on links in phishing emails. Reducing these dangerous clicks that infect a computer and then propagate across the network are critical to keeping attackers out.

4. Effectively apply software updates and patches. Firms should make sure they have a plan in place to apply software updates and patches to their systems and machines quickly and efficiently. Unpatched systems leave security holes open.

5. Only systems that need it get internet access. One of the best ways to protect critical systems is to keep them disconnected from the Internet. It puts physical distance between the connected parts of the network and critical/valuable systems.

6. Be able to recover quickly. Perform regular backups. Ransomware is where hackers lock your data and require payment to release it (or not). It is currently the most common cyberattack. Regular & frequent backups are your best defense and use the 3-2-1 rule: 3 copies, 2 media (cloud, hard drive, tape), 1 located offsite.

Want to see a scammer get scammed? Check out Jim Browning on YouTube, a software engineer from Northern Ireland whose content focuses on scam baiting and investigating call centers engaging in fraudulent activities.

For more information, contact AgCultured Consulting.