John Deere tractors 'bricked' after Russia steals machinery from Ukraine
If true, a good use for DRM?
Millions of dollars worth of John Deere agricultural machinery stolen from a dealership in Ukraine by Russian Federation forces has been traced to the Chechen Republic and bricked, it is reported.
In this instance, the Moline, Illinois-based Deere & Co.'s penchant for proprietary digital access controls may have worked out well from a public-relations standpoint, if the account is true. The looted tractors and combine harvesters have been remotely disabled, according to an unidentified Ukrainian interviewed by CNN, leaving those responsible looking for ways to bypass the machinery's digital locks.
Two weeks after the start of the Russian invasion of Ukraine on February 24, John Deere announced the suspension of shipments of farm machinery to Russia, and later to Belarus, in response to international sanctions.
Whether or not those sanctions have had any effect on farm equipment demand or availability, Russian Federation forces have been documented taking valuable items (not to mention Ukrainian citizens) back to Russian territory.
Since March, Agrotek-Invest, an authorized John Deere dealer in Ukraine, has posted several reports on Facebook accusing Chechen security forces of stealing farm equipment from its showroom in Melitopol, Ukraine.
On March 31, the company said two new John Deere S770 & S760 flagship harvesters, along with Tempo sowers from Swedish agricultural machinery firm Väderstad, worth about $1 million had been stolen from the company showroom.
Then on April 5, the farm equipment dealer said more machines had been stolen.
According to CNN, the total value of equipment seized amounts to more than $5 million.
- Deere & Co won't give out software and data needed for repairs, watchdog told
- Right-to-repair laws proposed in the US aim to make ownership great again
- European Right to Repair resolution headed for vote
- Apple's self-repair service finally launches after months of silence
On April 7, Väderstad responded to Agrotek's posts by noting that it keeps serial number records for each of its machines and has locked them down to prevent them from starting or being repaired.
John Deere has similar capabilities, and at least one individual responding to Agrotek's initial post in March suggested the dealer email the equipment maker to request a remote update to its harvesters based on serial numbers to install ECU firmware to disable the stolen machines. Given the farming machinery is equipped with GPS and can be remotely controlled, it is possible the equipment was locked by one means or another from afar.
Ironically, back in 2017, American farmers were importing cracked John Deere software from Ukraine to hack their US-based tractors to repair and modify them.
Since then, the Right to Repair movement – which aims to require that technology companies provide the public with fair and reasonable access to the tools and software to repair their products – has made considerable progress. There's now widespread support for pro-repair legislation in the US, the UK, and Europe.
Deere & Co. did not immediately respond to a request for comment. The company previously told The Register it "does not support the right to modify embedded software due to the risks associated with the safe operation of equipment, emissions compliance, and engine performance." ®
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Government of the United Kingdom
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- Trusted Platform Module
- Zero trust