Ransomware Attacks on Agriculture Industry Increase
Contact Us | |
Free Demo | |
Chat | |
Two attacks on farming co-ops in the midwest have corroborated a warning from the FBI that when it comes to ransomware attacks, the agricultural industry is on watch .
Just as federal officials warned earlier this month, the last few weeks have seen an uptick in attackers actively targeting organizations in the agriculture sector, entities critical to the US food supply chain.
Last week a Minnesota-based farm supply and grain marketing cooperative said a ransomware attack forced some of its operating systems offline. The company, Crystal Valley, which provides grain, feed, gas, and crop protection products to farmers in and around Minnesota and Iowa disclosed in an update to its website that it had been hit by a ransomware attack.
"On Sunday, September 19, Crystal Valley was alerted we had been targeted in a ransomware attack. This attack has infected the computer systems at Crystal Valley and severely interrupted the daily operations of the company," the company posted in a statement.
The attack left the organization without a way to accept major credit cards and unable to mix fertilizer or fulfill orders for livestock feed, according to Reuters, which spoke to a farmer that uses Crystal Valley.
The company said on Friday that it was back to taking grain at its elevator locations but that it was doing manual hand tickets suggesting its systems were still offline. The company also said that because attackers had access to its systems, customers and business partners may have had their confidential data viewed and that it was planning on sending out data breach notifications soon.
News of the attack only came a few days after New Cooperative Inc, a member owned agricultural cooperative in Iowa, made headlines following a ransomware attack of their own.
In that attack the Russian ransomware group BlackMatter reportedly asked the coop for $5.9 million. A screenshot, purportedly between of a conversation between the organization and the attackers, circulated on Twitter last week in which New Cooperative pointed out it was critical infrastructure - a sector the group claims it doesn't attack.
The attackers saw things differently: "You do not fall under the rules, everyone will only incur losses, everything is tied to the commerce, the critical ones mean the vital needs of a person, and you earn money."
In the exchange New Cooperative claims its software controls 40 percent of the nation’s grain production and the feed schedule of 11 million animals.
BlackMatter sought to publish the co-op’s data, including its invoices, research and development documents, and the source code to SOILMAP, soil-mapping technology New Cooperative oversees.
To mitigate the attack, the co-op developed a workaround to continue accepting grain shipments and distributing feed, according to the Washington Post. While the organization took its network (and SOILMAP) offline following the attack, it appears it’s still feeling the effects of the hack; their website, newcoop.com and soilmap.com were both still unreachable on Monday.
Earlier this month the Federal Bureau of Investigation warned of increased attacks on the food and agriculture sector.
"As the sector moves to adopt more smart technologies and internet of things (IoT) processes the attack surface increases. Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes," the FBI said in a TLP: White Private Industry Notification.
The agency went on to highlight attacks, including one that shuttered a bakery for a week and caused them to lose access to their files and applications and another that cost one farm approximately $9 million.
Recommended Resources
All the essential information you need about DLP in one eBook.
Expert views on the challenges of today & tomorrow.
The details on our platform architecture, how it works, and your deployment options.