Ransomware attack on U.S. farm incurred $9 million in losses
The Federal Bureau of Investigation (FBI) has sent out a Private Industry Notification to warn organizations in the Food and Agriculture sector about an increase in ransomware attacks that could and impact the food supply chain.
The increased reliance on smart technologies, Internet-connected (IoT) devices, and industrial control systems exposes the sector to various types of cyberattacks that may lead to disrupted operations, affecting the entire food supply chain.
All types of businesses in the sector are at risk, the FBI says, including farms, processors, manufacturers, markets, and restaurants. Ransomware attacks are often complemented by the theft of data, which is then used as leverage to extort victims.
“Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack,” the FBI’s notification says.
Some high-profile attacks this year have shown just how disruptive ransomware can be. The Kaseya attack forced one of Sweden’s leading supermarket chains to close hundreds of stores for days. Meat processing giant JBS had to suspend operations as well, just as Colonial Pipeline and Molson Coors did.
Other similar attacks did not get as much attention as those incidents did. A U.S. bakery, the FBI said, was forced to suspend operations for a week after REvil ransomware “was deployed through software used by an IT support managed service provider (MSP).”
In January 2021, the Bureau also revealed, a U.S. farm fell victim to a ransomware attack that incurred losses of roughly $9 million, as all farming operations were temporarily suspended. Using compromised credentials, the attackers gained administrator level to the farm’s internal systems.
The FBI recommends that all organizations keep their data backed up at all times, that they employe network segmentation and two-factor authentication, that they keep systems and applications updated, implement recovery plans, use strong passwords, disable remote access if not used, perform network audits, and install and regularly update anti-malware software.