Kuala Lumpur, Malaysia – The US state of Montana suspended the use of an agricultural database to improve security for months before its developer had to fix security flaws exposed in a suspected cyberattack. sponsored by China, newly obtained documents show.
The Montana Department of Agriculture temporarily took USAHERDS web-based software offline last year to allow app developers to increase security following an unspecified “event,” according to documents obtained by Al Jazeera get.
The security upgrade comes months before Acclaim Systems, a Pennsylvania-based app developer, released a patch in November to fix vulnerabilities exploited in an alleged campaign of attacks. by APT41, a China-based group that cybersecurity experts and US officials say. carry out espionage on behalf of Beijing.
It’s not clear if the events that led to recent changes to USAHERDS, which is used to track cattle in at least 18 US states, have anything to do with the APT41 attack, revealed the following March. investigation by the American cybersecurity company Mandiant.
Mandiant’s report on that hacking campaign said APT41 had infiltrated the networks of at least six US state governments but did not mention any states.
China has repeatedly said that it opposes all cyber attacks and will never support or encourage such activity.
In a letter to Montana’s agriculture department last year, Acclaim Systems CEO David P Burgess said the changes his company was asked to make after an “event” in Montana has been “completed and tested” and can be “deployed to your staging area for testing as you permit”.
“This letter is intended to make it clear that we have made those proposed changes so that this app can be brought back online for use in Montana,” Burgess said in the August 6 letter. year 2021.
The exact nature of the events and the security changes, including who requested them, are unclear because officials in Montana, a mostly rural, western state, edited the reports. important part of the letter before releasing it to Al Jazeera, although the text shown shows a security upgrade including new encryption.
Burgess’ letter also mentions “other inquiries” his company has received from the department and expresses a desire to address “other areas of concern.”
“We are doing our part to help harden this environment,” says Burgess.
In October, when Manidant said the USAHERDS exploit of APT41 was widespread across many states, Montana’s agricultural department received a notification from a US government-backed cyber threat monitoring center. said the app had been compromised, the documents also show.
The contents of the warning, submitted by the Multistate Information Sharing and Analysis Center, were fully edited by state officials prior to its release.
Al Jazeera obtained the letter and other related documents through a public records request with Montana’s department of agriculture.
The Montana Department of Agriculture, the Montana Department of Public Administration, representatives of Acclaim Systems, and Mandiant either declined to comment or did not respond to questions. The National Agribusiness Technology Center, a nonprofit that oversees the USAHERDS network, also did not respond to a request for comment.
According to cybersecurity experts, agriculture has become an increasingly popular target for cyberattacks in recent years amid the growing digitalization of the industry and the perception that this is a soft target compared to the rest of the world. with other industries.
American cybersecurity firm CrowdStrike said in a 2020 report that it has seen a 10-fold increase in cyberattacks affecting the agricultural industry in just a 10-month period.
In April, the Federal Bureau of Investigation issued a warning warning farmers to watch out for ransomware attacks during the harvest and growing seasons, citing a series of attacks on grain companies and farms. agriculture in the previous year.
Adam Meyers, CrowdStrike’s head of intelligence, said the agricultural sector has become a valuable target for both cybercriminals and state actors, with hackers linked to China and North Korea. Tien is leading industrial espionage efforts around the world.
“Both climate change and conflict in Ukraine continue to put additional pressure on international food supplies as threats to agriculture continue to grow,” Meyers told Al Jazeera. “Digital agriculture continues to rely heavily on cutting-edge technology, which is highly sought after for industrial espionage purposes.”