Old MacDonald had a farm, E-I-E-I-O. And on this farm he clicked a link, E-I-E-I… oh…no.
The FBI has issued a warning to the nation’s farmers and other agricultural businesses that ransomware operators “potentially” now consider them hot targets—which makes a whole lot of sense, considering that planting and harvesting seasons and shipping schedules might leave them with the unenviable choice between ponying up a ransom or risking a season of profits. The FBI additionally warned that farming and agriculture operations are a potential target for anyone looking to destabilize the US food chain.
According to the FBI bulletin, six grain cooperatives faced ransomware attacks during the fall 2021 harvest season, while an additional two agricultural businesses were attacked early this year. The FBI detailed a range of ransomware variants involved in the attacks, including “Conti, BlackMatter, Suncrypt, Sodinokibi, and Blackbyte,” as well as Lockbit 2.0. In some instances, businesses were forced to halt production. The 2022 attacks involved a “multi-state grain company,”” as well as a “company providing feed milling and other agricultural services,” the latter of which reported twice detecting and stopping a network intruder that “may have attempted to initiate a ransomware attack.”
The threat isn’t so much that farmers won’t be able to harvest crops or something so predictable—at least not until autonomous tractors are ubiquitous. Rather, it’s more that ransomware could lock farmers out of logistics systems and create cascading supply-chain issues. The FBI specifically highlighted large-scale agricultural cooperatives, some of the key players in Big Ag.
Ransomware goons have already demonstrated their ability to inflict delays on the national food chain. In October 2021, cheese giant Schreiber Foods, second only to Kraft in cream-cheese production, was forced to shut down production for a few days due to such an attack. It was ill-timed for Schreiber, as the hack lined up with the holiday-season peak in demand for cream cheese, which doesn’t last all that long compared with hard cheeses. The fiasco contributed to a national schmear shortage.
The advisory doesn’t go into detail as to whether the targets grudgingly paid the ransoms, but does note the timing of the attacks could have been deliberate.
“Although ransomware attacks against the entire farm-to-table spectrum of the food and agriculture sector occur on a regular basis, the number of cyber attacks against agricultural cooperatives during key seasons is notable,” the FBI wrote.
The advisory included the FBI’s routine recommendations for businesses to help avoid getting hit with ransomware, including backing up and air-gapping systems with critical data, implementing recovery plans, developing contingency plans to continue operations in the event of a cyber attack, and practicing good security hygiene like multifactor authentication, use of virtual private networks, and regular system patching.