Is Agriculture the Next Big Ransomware Target?

Philip BaderCybersecurityLeave a Comment

Food and agriculture might not immediately stand out as sectors of the economy at high risk of cyberattacks. But a private industry notification issued last week by the FBI warns that cyber criminal threat actors have increasingly targeted the nation’s food supply via attacks on small farms, agricultural corporations, manufacturers, and other affiliated organizations.

Agriculture is a critical industry, and like energy and gas, any disruption to manufacturers or producers along the supply chain could have devastating effects. As recent attacks on a municipal water supply and the Colonial Pipeline illustrate, critical industrial infrastructure already represents an attractive target for cyber criminals.

Much of this infrastructure relies on network-connected technology and Internet of Things (IoT) devices. Ransomware gangs and other cybercriminals “exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems,” the FBI warned.

Recent Attacks

The FBI notification cited several food and agriculture organizations either directly targeted or affected as a result of broader attacks on IT software companies. One such attack on the IT management software company Kaseya in July 2021 led to ransomware attacks on as many as 1,500 companies that relied on managed service providers (MSPs) using Kaseya software. These companies included a chain of 800 Swedish grocery stores and a U.S.-based bakery.

In May 2021, the global meat processing company JBS suffered an attack by the Sodinokibi/REvil ransomware variant that led to shutdowns of U.S. plants, a shortage of meat supplies, and a 25% spike in prices, as well as the exfiltration of company data. A U.S. farm was temporarily shut down in January 2021 when hackers penetrated its internal network. The shutdown led to $9 million in losses.

An Escalating Problem

Ransomware attacks have increased in frequency and sophistication in the last few years, and so have the costs associated with them. Average ransom demands doubled from 2019 to 2020, with the highest demand reaching $23 million. Over the same period, cyber insurance payouts grew by 65%.

More troubling than the financial impact, which can be considerable, is the potential for cybercriminals to escalate attacks on the physical mechanisms that help automate so much of the industrial sector, from food and manufacturing to critical energy and natural resources infrastructure.

As the FBI notification warns, “cyber actors may gradually broaden their attack from just information technology (IT) and business processes to also include the operational technology (OT) assets, which monitor and control physical processes, impacting industrial production regardless of whether the malware was deployed in IT or OT systems.”

Securing Critical Infrastructure

Attacks on the Colonial Pipeline and a municipal water treatment facility earlier this year have already demonstrated the need for greater vigilance when it comes to protecting our critical infrastructure. Government cybersecurity organizations and federal law enforcement agree that companies of all sizes can take specific steps to reduce the chances of an attack.

In line with recommendations by the Cybersecurity and Infrastructure Security Agency as well as the FBI for mitigating the threat of ransomware and other malware attacks, SecureData has developed innovative strategies to harden data security for backup systems and critical IT network endpoints.

Customized Data Security

SecureData’s award-winning FIPS-validated and hardware-encrypted SecureDrive and SecureUSB external storage devices provide the highest level of security for data backups. Our managed and unmanaged storage solutions allow users to authenticate via an on-board alphanumeric keypad and PIN or free mobile app and Bluetooth connection.

For enhanced protection against data leaks, the SecureDrive BT and SecureUSB BT products are Remote Management ready. Our SaaS RM console gives IT administrators total control over where, when, and how data gets accessed. Passwords can be remotely reset, and all data can be remotely wiped if a drive is lost or stolen.

Our SecureGuard DLP port blocker for Windows-powered computers works in tandem with the RM console to give organizations even greater protection against network penetration from USB-borne malware and ransomware. In addition to limiting computer access to authorized USB devices only, SecureGuard enables whitelisting and blacklisting of specific USB devices and blocks access to computers when an unauthorized USB device is inserted.

Call us at 1-800-520-1677 to speak to one of our data security experts about a security solution that best fits your organization, or to set up a free demonstration of our products and services.