FBI Puts Ag on Alert: Ransomware Attack Potentially Timed to Critical Seasons

Farmers and ag cooperative need to be on high alert this spring. That’s according to the FBI, which is predicting cyber criminals might attack the industry during planting and harvest. 
Farmers and ag cooperative need to be on high alert this spring. That’s according to the FBI, which is predicting cyber criminals might attack the industry during planting and harvest. 
(The Scoop)

Farmers and ag cooperative employees need to be on high alert this spring. That’s according to the FBI, which is predicting cyber criminals might attack the industry during planting and harvesting seasons. 

Why? Cyber criminals believe their prey could be more vulnerable and willing to pay off the extortion.

Since 2021, FBI reports multiple agricultural cooperatives have been impacted by a variety of ransomware variants:

  • In March 2022, a multi-state grain company suffered a Lockbit 2.0 ransomware attack. In addition to grain processing, the company provides seed, fertilizer, and logistics services, which are critical during the spring planting season. 
  • In February 2022, a company providing feed milling and other agricultural services reported two instances in which an unauthorized actor gained access to some of its systems and may have attempted to initiate a ransomware attack. The attempts were detected and stopped before encryption occurred. 
  • Between Sept. 15 and Oct. 6, 2021, six grain cooperatives experienced ransomware attacks. A variety of ransomware variants were used, including Conti, BlackMatter, Suncrypt, Sodinokibi, and BlackByte. Some targeted entities had to completely halt production while others lost administrative functions. 
  • In July 2021, a business management software company found malicious activity on its network, which was later identified as HelloKitty/Five Hands ransomware. The threat actor demanded a $30 million ransom. The ransomware attack on the company led to secondary ransomware infections on a number of its clients, which included several agricultural cooperatives.

These attacks resulted in service issues, production disruptions and loss of access to administrative functions.

In a public advisory, federal officials say a major disruption of grain production would impact the entire food chain.

What You Can Do

The FBI is asking those in agriculture to take defensive measures against the potential threat. Those steps include: 

  • Regularly back up data, air gap and passwords. Make backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides. 
  • Implement a recovery plan that includes maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud). 
  • Identify critical functions and develop an operations plan if systems go offline. Think about ways to operate manually if it becomes necessary. 
  • Implement network segmentation. 
  • Install updates/patch operating systems, software and firmware as soon as they are released.
  • Use multifactor authentication where possible. 
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts and use strong pass phrases where possible. 
  • Require administrator credentials to install software. 
  • Audit user accounts with administrative or elevated privileges and configure access controls with least privilege in mind. 
  • Install and regularly update anti-virus and anti-malware software on all hosts. 
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a virtual private network (VPN). 
  • Consider adding an email banner to messages coming from outside your organizations. 
  • Disable hyperlinks in received emails. 
  • Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e. ransomware and phishing scams).

 

Tools and Resources

Tips for Protecting Yourself Against Ransomware Attacks

For additional resources related to the prevention and mitigation of ransomware, visit Stopransomware.gov

CISA’s Ransomware Readiness Assessment (RRA) is a no-cost self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident. 

CISA offers a range of no-cost cyber hygiene services to help critical infrastructure organizations assess, identify, and reduce their exposure to threats, including ransomware. By requesting these services, organizations of any size could find ways to reduce their risk and mitigate attack vectors.
 

Watch our report on AgDay TV:

Read More

Popular Online Farm Equipment and Land Auction Service Sites Crippled by Ransomware Attack

John Phipps: Is a Possible Cyberwarfare Attack Looming for Your Farm? Why Tractors May Be Next

John Phipps: Is North Korea the New Breeding Ground for Cyber Warfare?

Cyber Threats Are A Real Threat To Modern Agriculture’s Expanding Digital Infrastructure

Tags

Data Security Planting Technology - General Hogs Resource Management
 

Latest News

Retail Industry
Brandt Hires New VP of Strategy
Brandt Hires New VP of Strategy

The vice president of strategy role is in charge of identifying and refining corporate strategy as well as cross-selling within the company. 

Margy Eckelkamp
New Products
Custom Agronomics Acquires BioTek Ag
Custom Agronomics Acquires BioTek Ag

BioTek Ag, which was based in North Carolina and had been in business for more than 30 years, will become part of Custom Agronomics, a formulator and manufacturer of private-label products.

Margy Eckelkamp
Retail Industry
ARA: Moving The Needle On Capitol Hill
ARA: Moving The Needle On Capitol Hill

The ARA Fly-In paves a path for productive, educational conversations between the ag retail industry and the decision-makers in Congress to occur far beyond the discussions that happened on Capitol Hill.

ARA
Retail Industry
The Scoop Podcast: Set The Foundation In Agronomy and Your Career
The Scoop Podcast: Set The Foundation In Agronomy and Your Career

Kyle Meece, agronomy manager at United Prairie, talks about how he is working to be two to three years ahead of other retailers.

Margy Eckelkamp
Retail Industry
Goodbye, El Niño. Hello, La Niña? The Big Transition to La Niña is Already Underway
Goodbye, El Niño. Hello, La Niña? The Big Transition to La Niña is Already Underway

There's now a 60% chance La Niña will develop between June and August and an 85% chance it's in effect by November 2024 to January 2025, according to NOAA.

Tyne Morgan
Retail Industry
Growmark and Intelinair Launch Agronomy App to Enable Data-Driven Decisions
Growmark and Intelinair Launch Agronomy App to Enable Data-Driven Decisions

To bring new ways to connect its agronomy insights with customers, Growmark and 29 of its member FS companies are launching the myFS Agronomy app in conjunction with Intelinair.

Margy Eckelkamp
View More