FBI Warning On Ransomware Attacks Against The Agriculture Sector

Please see the comments below from cyber security experts on how agriculture organisations can protect themselves against cyberattacks after the FBI’s warning on increased attacks by ransomware gangs on the sector.

Expert Comments

April 21, 2022
Dr. Darren Williams
Founder and CEO
BlackFog

2021 was the year that ransomware went mainstream, and it was the attack on Colonial Pipeline which was the catalyst. Consumers sit up and take notice when supplies of everyday essentials such as gas, electric and food are threatened. For obvious reasons the fallout from these incidents can be massive, so it’s no surprise that cybercriminal gangs will continue to focus on our food supply chain.

Last year we saw food supply disruption following attacks on JBS Foods, one of the largest meat processing firms, multi-billion dollar dairy foods company Schreiber, Minnesota-based farm supply and grain marketing cooperative Crystal Valley, and Iowa-based farm service provider NEW Cooperative to name a few. 

Unfortunately, ransomware attacks are increasing at an unparalleled rate and many organizations are still depending on antiquated technologies to defend against them, so the chances of a debilitating attack targeting our food supply are higher than ever before.

We know that the common thread associated with all ransomware attacks is data exfiltration; data is, after all, the crown jewels of any organisation. If organisations continue to focus on defensive cybersecurity approaches, attackers will continue to focus on and profit from extortion. Only by preventing the unauthorised exfiltration of data can organisations really win the war on ransomware.

April 24, 2022
Debrup Ghosh
Senior Product Manager
Synopsys Software Integrity Group

From trucking companies to oil refineries to grain cooperatives, high-impact malware or ransomware incidents against critical infrastructure sectors have increased globally. With the close adjacency between logistics, agriculture, and food and beverage industries, it is key that we not only work on managing risk to our physical supply chain due to the pandemic, geopolitical issues, as well as climate change but also focus on securing digital supply chains.

In the past decade, digital transformation and automation have improved efficiencies across the physical supply chain, but we also need to utilise automation to secure digital supply chains—a growing concern across industries. The 2022 Open Source Security and Risk Analysis (OSSRA) report, produced by the Synopsys Cybersecurity Research Centre, found that in the Aerospace, Aviation, Auto, Transportation, Logistics sector, 97% of codebases contained open source, while over 60% of the codebases in that sector also contained vulnerabilities.

As a result, it becomes more important than ever for every CISO today to take inventory of their software risk using an extensive Software Bill of Materials (SBOM). Every security team should work with their independent software vendors and managed services providers to build appropriate controls as part of their overall risk management strategy, patching zero-day vulnerabilities and exploits, and above all prevent cascading bullwhip effects across the nation’s delicate food supply chain.

April 21, 2022
Justin Vaughan-Brown
VP of Strategic Communications
Deep Instinct

While the agricultural sector may not be an obvious industry for threat actors to target, the effects of a cyberattack on organisations within the industry would have devastating consequences to food supplies on an international scale. Threat actors are ruthless and have no honour. As such, they are likely to target industries where the organisations are more likely to pay ransom demands and where they sense there are more vulnerabilities. As ransomware attacks continue to plague every industry around the world, the agricultural sector should take the FBI’s warning very seriously.

Unfortunately, most organisations use EDR solutions in an attempt to prevent and stop malware and ransomware attacks. However, the low-dwell time and maximum impact malware used by threat actors now means that EDR is no longer enough. Traditional EDR solutions need malware to execute before it can be picked up as malicious or benign, which can take as long as 60 seconds. This is too long when the fastest ransomware can start encrypting data and files within 15 seconds of executing. Food and agriculture organisations need to invest in solutions which are able to prevent cyberattacks before they execute and have the ability to cause significant damage to global food supply chains.

Technologies, such as deep learning – an advanced subset of AI, are able to stop ransomware attacks before they can encrypt data and files. Deep learning delivers a sub-20 millisecond response time to stopping a cyberattack before it can execute and take hold of an organisation’s network. Ultimately, implementing deep learning will mean that organisations are prepared against cyberattacks, and farmers will only have to worry about the weather during the harvest and planting season.

April 24, 2022
Brian Higgins
Security Specialist
Comparitech.com

Farmers and food production have been on the cyber criminal radar for some time now. The UK National Cyber Security Centre (NCSC) published guidance in December 2020: Cyber security guidance for farmers - NCSC.GOV.UK and it’s no surprise that the US Authorities are following suit. Criminals will always attack their targets at the points of highest vulnerability to maximise pressure to comply with their demands. That’s why planting and harvesting seasons are of particular interest in the farming community. Couple that with the ongoing supply chain difficulties arising from the COVID pandemic and you can see why the sector needs to up its game and take these threats seriously. Profit margins are traditionally very slim for farmers so a successful attack could be incredibly harmful to individual businesses or collectives. Basic cyber protection could be the one thing that keeps the lights on if cyber criminals come knocking.

April 22, 2022
James McQuiggan
Security Awareness Advocate
KnowBe4

No organization ever wants to get hit with ransomware as it will interrupt the business and services. However, being impacted by ransomware at a critical time of the year, like the holiday season for product manufacturers or harvesting time for agriculture, can be devastating compared to the rest of the year.

Losing essential systems at the busiest and most crucial time of the year will increase the time frame for those organizations to restore to normal operations and if paying the ransom does that then the loss of payment on the ransom money will outweigh the production and revenue loss of not paying and taking multiple weeks to recover.

April 21, 2022
Andy Norton
European Cyber Risk Officer
Armis

There is an element of speculation in the notification. A disruption to the agriculture sector may be more damaging during the harvest and planting season, and so if a threat actor was sufficiently motivated they may be more likely to attack during this time to increase leverage on the victim to pay a ransom. However, as critical infrastructure providers, the agriculture sector must have a good understanding and prioritisation of risks to their service and as such understand the various risks during each phase of the production cycles.

This is solely an FYI from the FBI, to be on guard and to ensure appropriate and proportionate defence.
