People Are Hacking John Deere Tractors: Right-to-Repair War Continues
The right-to-repair fight has taken a trip to the farm. This week, hackers at the DefCon security conference in Las Vegas revealed a new target: John Deere tractors. Farmers have been hacking John Deere tractors for a while now, but is hacking the answer, or should John Deere be doing more? Even the best lawn tractors, mowers, and other equipment are susceptible to such attacks. Is that a bigger security risk than it sounds?
Sick Code is responsible for hacking John Deere tractors most recently
As reported by Wired, a hacker named Sick Codes has hacked the John Deere tractor. Like a Tesla EV, John Deere has the lawn tractors locked so only authorized mechanics can work on it. Sick Codes has figured out how to bypass the digital locks on the tractors, similar to iPhone jailbreaking if you remember those days.
This would allow tractor owners to modify and repair tractors without going into a store or having someone come out to repair the equipment. Tractors did not always require hacking for a fix, which made repairing tractors easy work back in the day.
This new hack allows people to use the touchscreen on tractors to change or investigate an issue. Most farmers are already paying for the software and the equipment and then have to pay to fix the equipment when it breaks.
Hacking John Deere tractors shows a bigger vulnerability with farming equipment
Wired says this new hack “underscores the security implications of the right-to-repair movement.” The fact that someone could hack John Deere tractors with such ease shows that these tractors are vulnerable to attacks from anyone. Not that people go around hacking tractors for fun, but what if someone disabled all of the modern tractors in the country with a hack?
An incident in 2021 with JBS USA shows us it is possible. A Wall Street Journal article from June last year says that JBS USA paid an $11 million ransom to cybercriminals who shut down the meat processing plants. This temporarily held one-fifth of the nation’s meat supply hostage until JBS paid the bitcoin ransom.
At the same time, why shouldn’t farmers and others be able to fix John Deere tractors without an expensive appointment at a faraway store? Modern farm and agriculture equipment are essential, which means this equipment should be easy to fix so everyone can get back to work.
The right-to-repair movement has a point, and it isn’t new
In March, John Deere agreed to make some of its repair software available to owners. The company also said it would work on helping farmers repair the equipment themselves instead of bringing it into an authorized dealership. Sick Code says, “Farmers prefer the older equipment simply because they want reliability. They don’t want stuff to go wrong at the most important part of the year when they have to pull stuff out of the ground.”
Allowing equipment owners to fix tractors and other equipment seems like a no-brainer. If people can repair equipment at home and help others repair or diagnose issues, there is less potential for an agricultural meltdown. That, of course, doesn’t make the company more money, though.
The John Deere tractors that were hacked include models 2630 and 4240. Code found that the tractors had more than 1.5 GB of logs to help authorized service providers diagnose and fix issues. John Deere didn’t reply to WIRED’s request for comment.