Agriculture Security Glossary

A Russian hacktivist group linked to GRU military intelligence. In 2024, CARR manipulated water systems in rural Texas communities, causing tank overflows. They openly bragged about the attacks on Telegram.

Committee on Foreign Investment in the United States. An interagency committee that reviews foreign investments and acquisitions of US companies for national security risks. CFIUS has blocked or modified several Chinese agricultural acquisitions.

Cybersecurity and Infrastructure Security Agency. The federal agency responsible for protecting critical infrastructure, including the Food and Agriculture sector. CISA issues advisories, coordinates incident response, and provides security resources.

An Iranian Islamic Revolutionary Guard Corps (IRGC) affiliated hacking group. In 2023, they attacked multiple US water utilities, including systems serving rural communities, by exploiting Unitronics PLCs.

Requirements that data be stored within a country's borders. China's Cybersecurity Law requires certain data to be stored in China, meaning data from Chinese companies' US operations may be accessible to Chinese authorities.

Theft of trade secrets to benefit a foreign government or entity. Under 18 U.S.C. § 1831, it carries penalties up to 15 years in prison. Multiple cases involve theft of US agricultural technology for China.

Reliable access to sufficient, affordable, nutritious food. China faces food security challenges feeding 20% of world population with less than 10% of arable land, driving their interest in US agricultural data and technology.

Geospatial Intelligence. The exploitation and analysis of imagery and geospatial information to describe, assess, and visually depict physical features and activities. Farm location data enables GEOINT collection on US agricultural infrastructure.

Genetically uniform plant lines used as parents in hybrid seed production. Inbred lines are the most valuable trade secrets in the seed industry, worth $30-40 million and 5-8 years of research per variety.

Information Sharing and Analysis Center. Sector-specific organizations that collect and share cybersecurity threat intelligence among members. The Food and Agriculture ISAC (Food and Ag-ISAC) was formed in 2023 with members including major food companies.

Chinese law enacted in 2017 requiring all organizations and citizens to support, assist, and cooperate with state intelligence work. This law means Chinese companies must provide data to intelligence services if requested.

Hardware and software that detects or causes changes in physical processes through direct monitoring and control of physical devices. In agriculture, OT includes SCADA systems, PLCs, and industrial control systems managing water pumps, grain elevators, and processing equipment.

Intelligence technique that establishes baseline understanding of normal activities to detect changes. Farm equipment data showing operational patterns can enable adversary pattern of life analysis.

Programmable Logic Controller. Industrial computers that control mechanical processes like pumps, motors, and valves. Unitronics PLCs in water utilities were targeted by Iranian hackers in 2023.

The practice of establishing persistent access to computer systems before they are needed for an attack. Chinese hackers have pre-positioned themselves in US critical infrastructure for potential future conflicts.

Technology-enabled farming that uses GPS, sensors, drones, and data analytics to optimize crop yields and resource use. The data collected by precision agriculture equipment is valuable to foreign adversaries for intelligence purposes.

Malicious software that encrypts files and demands payment for decryption. In agriculture, ransomware attacks have hit major cooperatives like NEW Cooperative ($5.9M ransom demand) and meat processors like JBS ($11M paid).

Member-owned utility that provides electricity to rural areas. There are over 900 electric co-ops in the US serving 42 million people. They are critical infrastructure targets, as shown in the Delta-Montrose attack.

Supervisory Control and Data Acquisition. A system used to monitor and control industrial processes remotely. Rural water systems, electric cooperatives, and grain facilities often use SCADA systems that may be vulnerable to cyberattack.

Confidential business information that provides competitive advantage. In agriculture, trade secrets include seed genetics, breeding programs, proprietary algorithms, and production processes. Theft of trade secrets under 18 U.S.C. § 1832 carries up to 10 years in prison.

A Chinese state-sponsored hacking group identified by Microsoft and US intelligence agencies. Active since 2021, Volt Typhoon pre-positions itself in US critical infrastructure networks for potential future disruption during a conflict. Has targeted water utilities and other infrastructure.