John Deere tractors 'bricked' after Russia steals machinery from Ukraine

If true, a good use for DRM?

Millions of dollars worth of John Deere agricultural machinery stolen from a dealership in Ukraine by Russian Federation forces has been traced to the Chechen Republic and bricked, it is reported.

In this instance, the Moline, Illinois-based Deere & Co.'s penchant for proprietary digital access controls may have worked out well from a public-relations standpoint, if the account is true. The looted tractors and combine harvesters have been remotely disabled, according to an unidentified Ukrainian interviewed by CNN, leaving those responsible looking for ways to bypass the machinery's digital locks.

That task may be all the more challenging given the reported flight of IT talent from Russia and the sanctions-induced shortage of IT equipment in the country.

Two weeks after the start of the Russian invasion of Ukraine on February 24, John Deere announced the suspension of shipments of farm machinery to Russia, and later to Belarus, in response to international sanctions.

Whether or not those sanctions have had any effect on farm equipment demand or availability, Russian Federation forces have been documented taking valuable items (not to mention Ukrainian citizens) back to Russian territory.

Since March, Agrotek-Invest, an authorized John Deere dealer in Ukraine, has posted several reports on Facebook accusing Chechen security forces of stealing farm equipment from its showroom in Melitopol, Ukraine.

On March 31, the company said two new John Deere S770 & S760 flagship harvesters, along with Tempo sowers from Swedish agricultural machinery firm Väderstad, worth about $1 million had been stolen from the company showroom.

Then on April 5, the farm equipment dealer said more machines had been stolen.

According to CNN, the total value of equipment seized amounts to more than $5 million.

On April 7, Väderstad responded to Agrotek's posts by noting that it keeps serial number records for each of its machines and has locked them down to prevent them from starting or being repaired.

John Deere has similar capabilities, and at least one individual responding to Agrotek's initial post in March suggested the dealer email the equipment maker to request a remote update to its harvesters based on serial numbers to install ECU firmware to disable the stolen machines. Given the farming machinery is equipped with GPS and can be remotely controlled, it is possible the equipment was locked by one means or another from afar.

Ironically, back in 2017, American farmers were importing cracked John Deere software from Ukraine to hack their US-based tractors to repair and modify them.

Since then, the Right to Repair movement – which aims to require that technology companies provide the public with fair and reasonable access to the tools and software to repair their products – has made considerable progress. There's now widespread support for pro-repair legislation in the US, the UK, and Europe.

Deere & Co. did not immediately respond to a request for comment. The company previously told The Register it "does not support the right to modify embedded software due to the risks associated with the safe operation of equipment, emissions compliance, and engine performance." ®

Other stories you might like

  • UK govt considers invoking national security in Arm IPO saga
    Reportedly dropping hints it may use legislation to push a London listing

    The UK government is upping the ante in attempts to have Arm listed on the London stock exchange, with reports suggesting it is considering the threat of national security laws to force the issue with owner SoftBank.

    According to the Financial Times, the British administration is considering whether to apply the National Security and Investment Act (NSIA), which came into force at the start of the year, in a bid to have SoftBank change its mind over listing Arm exclusively on the Nasdaq in New York, as it has previously indicated.

    The FT cites the usual "people familiar with the matter", who indicated there had not yet been a formal debate over using national security legislation, and the idea was opposed by some government officials.

    Continue reading
  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • Behold this drone-dropping rifle with two-mile range
    Confuses rather than destroys unmanned aerials to better bring back intel, says Ukrainian designer

    What's said to be a Ukrainian-made long-range anti-drone rifle is one of the latest weapons to emerge from Russia's ongoing invasion of its neighbor.

    The Antidron KVS G-6 is manufactured by Kvertus Technology, in the western Ukraine region of Ivano-Frankivsk, whose capital of the same name has twice been subjected to Russian bombings during the war. Like other drone-dropping equipment, we're told it uses radio signals to interrupt control, remotely disabling them, and it reportedly has an impressive 3.5 km (2.17 miles) range.

    "We are not damaging the drone. With communication lost, it just loses coordination and doesn't know where to go. The drone lands where it is jammed, or can be carried away by the wind because it's uncontrollable,"  Kvertus' director of technology Yaroslav Filimonov said. Because the downed drones are unharmed, they give Ukrainian soldiers recovering them a wealth of potential intelligence, he added.  

    Continue reading
  • International operation takes down Russian RSOCKS botnet
    $200 a day buys you 90,000 victims

    A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.

    The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney’s Office in the Southern District of California.

    It seems that RSOCKS initially targeted a variety of Internet of Things (IoT) devices, such as industrial control systems, routers, audio/video streaming devices and various internet connected appliances, before expanding into other endpoints such as Android devices and computer systems.

    Continue reading

Biting the hand that feeds IT © 1998–2022