Agribusinesses continue to be targeted by cyberattacks
Two midwestern farm co-ops are the latest American agribusinesses to be targeted by cyberattackers, according to published media reports.
On Sept. 19, Crystal Valley, a Minnesota-based farm supply and grain co-op, was hit by a ransomware attack that infected its computer systems, severely interrupting the company’s daily operations according to a statement released by the co-op on Sept. 21. The attack necessitated that the co-op write manual hand tickets when receiving farmers’ grain rather than recording the transactions electronically. The co-op also suspended accepting major credit cards and notified its customers that they should assume their personal information on file had been compromised and should take precautionary measures to monitor their bank accounts and other financial information.
At some point during the third weekend in September, Iowa-based New Cooperative, one of the largest farm cooperatives in the U.S., was also targeted. According to Bloomberg News, the Iowa co-op received a ransom demand of $5.9 million from cybercriminal group BlackMatter, founded in July 2021, which claims to have incorporated the "best features" from Russian ransomware group DarkSide, REvil and LockBit.
The Federal Bureau of Investigation issued a private industry notification on Sept. 1 warning the food and agriculture sector that it is under active attack by cybercriminals. The U.S. Internet Crime Complaint Center (IC3) received 2,474 ransomware complaints in 2020 with adjusted losses of more than $29.1 million across all industry sectors, the FBI reported in its Sept. 1 notification.
While cybercriminals use a variety of methods to infect victims’ computer systems with ransomware, the most common means of infecting a network are email phishing, remote desktop protocol vulnerabilities and software vulnerabilities, the FBI reports.
Business owners/managers are encouraged to visit https://www.cisa.gov/stopransomware to access resources related to the prevention and mitigation of cyberattacks. In the event you experience a cyberattack or suspect someone may be trying to access your system, contact your local FBI field office. A directory of FBI field offices is available at www.fbi.gov/contact-us/field-offices or by calling 855-292-3937.
These latest two attacks come in the wake of more than a year of escalating cyberattacks during the course of the COVID-19 pandemic, in particular ransomware attacks targeting groups critical to key U.S. supply chains.
In a June meeting with Russian President Vladimir Putin, U.S. President Joe Biden warned the Kremlin that cyberattacks against 16 U.S. industries – including agriculture – would not be tolerated. The entities Biden said are off limits also include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services
In May there were cyberattacks against Colonial Pipeline, which provides 45 percent of the East Coast’s fuel, and on JBS USA, one of the largest meat providers. Both Colonial Pipeline and JBS USA chose to pay the ransom payments demanded, according to published media reports. The Justice Department was able to recover the majority of the $4.4 million in bitcoin paid to hackers by Colonial.