Cybersecurity: Safeguarding Agricultural Information in the AI Age

On May 5, 2022, AGCO Corp., one of the largest ag equipment manufacturers in the world, suffered a ransomware attack. According to the company, this incident disrupted AGCO’s production at several of its facilities. Ultimately, AGCO was able to restore most of its operations to normal by May 17, but the episode highlighted for the entire agricultural industry that it was now a target of sophisticated cyberattacks.

There have been numerous other cyberattacks on agriculture over the past four years as well. According to Trey Malone, Associate Professor Agricultural Economics at Purdue University, one of the major reasons agricultural companies are finding themselves as attractive targets for such malicious activities ties back to one of the primary purposes the industry serves in the first place — to produce food.

“Food security is national security; full stop,” says Malone. “Food production depends on digitally connected systems that operate on tight, ‘unpausable’ timelines. That combination makes agriculture an attractive target. Most of the systems the industry relies on were adopted for efficiency rather than security as the primary priority.”

Another reason agricultural companies are targets of cyberattacks, says Michael Moore, Executive Vice President, Agribusiness at Ever Ag, is because of something these entities have worked to implement into their operations — interconnectivity.

“As farms and suppliers adopt connected technologies — ranging from internet of things sensors to automated equipment — their exposure to cyberattacks has grown substantially,” says Moore. “At the same time, the strategic importance of food production has made the sector more attractive to both cybercriminals and nation-state actors seeking to disrupt supply chains or steal valuable agricultural data.”

In response to these threats, Moore says agricultural companies have definitely stepped up their game when it comes to cybersecurity. Most have implemented stronger security controls, collaborating more closely with government agencies, modernized technology, and invested in workforce training and incident-response readiness.

Purdue’s Malone agrees that cybersecurity has evolved as the entire world has become more digitally savvy and reliant.

Old vs. New Approaches to Cybersecurity

Security Area	Old Approach	New Approach	What’s Improved
Security Operations	Human-led monitoring plus manual triage; high alert fatigue	Autonomous cyberdefense agents that coordinate actions and work toward outcomes, not just tasks	Faster detection/response at machine speed; reduces analyst overload and scales expertise
Incident Response	Manual containment steps; playbooks executed by humans	AI-assisted plus automated containment and remediation	Cuts time-to-contain and limits blast radius; enables consistent response under pressure
Vulnerability Management	Periodic scanning; patch after exploit/news	Predictive vulnerability management using telemetry and exploit-trend analysis to prioritize likely-to-be-weaponized flaws	Moves from reactive to proactive; reduces “window of exposure” and prevents exploit-at-scale events
Exposure Reduction	Annual/quarterly risk assessments; point-in-time pen tests	Continuous threat exposure management plus attack-path modeling operationalized in workflows	Continuous visibility into real risk; focuses remediation on the paths attackers actually use
Network Access	Perimeter security plus VPN for remote access	Zero trust with continuous verification, segmentation, least-privilege access	Limits lateral movement and reduces trust assumptions

Source: Ever Ag

“A few years ago, I think the average agribusiness manager would have told you that cybersecurity was just an IT problem,” he says. “We’re past that point now, and I think most folks would say that it’s something that directly affects how farms and agribusinesses operate day to day. That change is tied to the digital evolution of 21st century agriculture. Precision equipment, GPS guidance, cloud-based platforms, and third-party software are now embedded in routine decisions, so when something goes wrong digitally, it shows up immediately in operations.”

The Threats and Hopes of AI

Still, Malone points out that in many ways, agricultural companies looking to improve their cybersecurity practices have not kept pace with how some aspects of the digital world have progressed in the 2020s.

“Many operations have basic protections in place, but today’s risks are just as much about people, partners, and coordination across the supply chain as they are about technology,” he says. “As a result, cybersecurity has become a management and resilience issue that requires regular attention, training, and planning, in a way that can’t just be about downloading better software.”

Of course, one of the biggest developments in the digital world over the past few years has been the rise of artificial intelligence (AI) systems. Capable of performing thousands of calculations per second, these programs have made their impact felt across the working world.

What do AI systems mean for cybersecurity? According to Malone, it’s a mixed bag.

“Where AI has helped is mostly behind the scenes,” he says. “It has improved things such as anomaly detection, pattern recognition, and filtering large volumes of network or system activity so that unusual behavior can be flagged faster than it could be by people alone. In large, well-resourced organizations, those tools can help identify problems earlier and reduce response time once something goes wrong.”

However, AI can also work to circumvent cybersecurity when it is used to conduct cyberattacks.

“AI has made cybersecurity in agriculture more complicated and, frankly, less forgiving,” he says. “AI has lowered the cost of launching convincing attacks. It has made fraud, phishing, and social engineering easier, cheaper, and harder to detect. Messages look legitimate, requests feel routine, and attackers do not need deep knowledge of a farm or agribusiness to cause real damage. At the same time, AI has increased the amount of data moving across platforms, which raises the chance of mistakes and exposure.”

Ever Ag’s Moore points out three areas in which AI systems are making cybersecurity harder to achieve. The first is how such programs can accelerate and automate cyberattacks.

“Cyberattacks are now faster, cheaper, and more scalable due to AI-driven automation,” he says. “Threat actors use AI for reconnaissance, vulnerability identification, and multi-step attack execution with minimal human involvement. At the 2025 RSA Conference, experts noted that AI has reduced breakout times to under an hour, enabling attackers to adapt in real time.”

The second area deals with attempting to access information or phishing.

“Generative AI produces highly convincing phishing emails, deepfake audio, and fraudulent websites, dramatically increasing attack success rates,” says Moore. In 2025, he notes, 41% of small business breaches were attributed to AI-driven attacks, compared to a figure of virtually zero in 2024.

The third area where AI systems can compromise computer systems is through malware creation.

“Security experts forecast a rapid rise in AI-generated vulnerabilities, as AI automates sophisticated fuzzing and exploit development,” says Moore. “As the year progresses, fully autonomous malware capable of learning and evolving during an attack is expected to dominate the threat landscape.”

Luckily, he adds, AI programs can also help improve cybersecurity. This includes improving detection accuracy and generating faster incident response, using predictive and proactive security protocols, and providing autonomous and AI-assisted defense capabilities.

“Emerging ‘agentic’ AI systems coordinate defensive actions, moving beyond task automation to outcome-driven cybersecurity operations,” he says of these latter systems. “Organizations are beginning to adopt automatic remediation, long considered too risky, as threat velocity exceeds human response capacity.”

A Continuing Issue

According to Purdue’s Malone, the most effective new cybersecurity methods are all about changing day-to-day security management. This means there is a growing focus on continuous monitoring and anomaly detection, which looks for unusual behavior inside systems rather than relying only on perimeter defenses.

“That matters in agriculture because many cyber incidents start quietly and only become visible after damage is done,” he says.

There is also greater emphasis on identity and access controls, such as multifactor authentication and more restrictive permissions, to limit the damage a single compromised account can cause, says Malone. In addition, the folks at land-grant institutions such as Purdue are pushing for improved benchmarking and risk-assessment tools to help farms and agribusinesses understand where they are exposed and what actions matter most.

No matter what way agricultural companies consider cybersecurity going forward, Malone predicts its importance will not diminish.

“We’re going to talk about cybersecurity more and more every year,” he says. “Operations will continue to become more digital, more connected, and more dependent on data and automation, which means the consequences of a cyber failure will continue to grow. At the same time, threats will keep evolving. Attacks will be faster, more targeted, and harder to distinguish from normal business activity, especially as AI-driven fraud becomes more common.”