Ransomware attack on U.S. farm incurred $9 million in losses
The Federal Bureau of Investigation (FBI) has sent out a Private Industry Notification to warn organizations in the Food and Agriculture sector about an increase in ransomware attacks that could and impact the food supply chain.
The increased reliance on smart technologies, Internet-connected (IoT) devices, and industrial control systems exposes the sector to various types of cyberattacks that may lead to disrupted operations, affecting the entire food supply chain.
All types of businesses in the sector are at risk, the FBI says, including farms, processors, manufacturers, markets, and restaurants. Ransomware attacks are often complemented by the theft of data, which is then used as leverage to extort victims.
“Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack,” the FBI’s notification says.
Some high-profile attacks this year have shown just how disruptive ransomware can be. The Kaseya attack forced one of Sweden’s leading supermarket chains to close hundreds of stores for days. Meat processing giant JBS had to suspend operations as well, just as Colonial Pipeline and Molson Coors did.
Other similar attacks did not get as much attention as those incidents did. A U.S. bakery, the FBI said, was forced to suspend operations for a week after REvil ransomware “was deployed through software used by an IT support managed service provider (MSP).”
In January 2021, the Bureau also revealed, a U.S. farm fell victim to a ransomware attack that incurred losses of roughly $9 million, as all farming operations were temporarily suspended. Using compromised credentials, the attackers gained administrator level to the farm’s internal systems.
The FBI recommends that all organizations keep their data backed up at all times, that they employe network segmentation and two-factor authentication, that they keep systems and applications updated, implement recovery plans, use strong passwords, disable remote access if not used, perform network audits, and install and regularly update anti-malware software.
Related: CISA, FBI Warn of Increase in Ransomware Attacks on Holidays
Related: FBI Shares Details on “OnePercent Group” Ransomware Operators
More from Ionut Arghire
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
- 500k Impacted by Data Breach at Debt Buyer NCB
- Chinese Cyberspies Use ‘Melofee’ Linux Malware for Stealthy Attacks
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
Latest News
- Italy Temporarily Blocks ChatGPT Over Privacy Concerns
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Report: Chinese State-Sponsored Hacking Group Highly Active
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
