New Ransomware Attacks on Agriculture Beg the Question: Is the Industry Secure?

New Ransomware Attacks on Agriculture Beg the Question: Is the Industry Secure?

Over the past week, a pair of new cyberattacks hit two Midwestern farm cooperatives, demanding payment in exchange for access to their computer systems and data. These are the latest in a line of similar attacks that have targeted the agricultural industry, which begs the question: What can agriculture do to protect itself?

On September 21, the Washington Post published an article revealing that NEW Cooperative, which makes farming software primarily for grain production, had been struck with a ransomware attack. A few days earlier, a smaller cooperative, the Minnesota-based Crystal Valley, had been hit. It has been only a few months since JBS, the world’s largest meat-processing corporation, suffered a ransomware attack so serious that the company was forced to temporarily shut down nine beef plants.

In a ransomware attack, hackers gain access to a company’s computer systems, which may give them further access to confidential customer data, proprietary information or the ability to bring parts of the entire company offline. Control of these systems will, the hackers propose, be returned to the owners, as long as a ransom is paid. In the case of NEW Cooperative, the proposed ransom was set at $5.9 million; Crystal Valley did not reveal what the demands may have been.

The group BlackMatter claimed credit for the hack; BlackMatter is suspected to consist primarily of Russian hackers, as interviews with the group have been conducted in Russian. BlackMatter, interestingly, has publicly proclaimed what it will and will not attack. According to Ars Technica, the group’s website (viewable via Tor, on what’s sometimes called the Dark Web) specifically states that it will not attack those providing essential services, including health care, nonprofit and defense. NEW Cooperative, of course, says that it does in fact provide essential services; the company said, according to a report, that it provides software to 40 percent of American grain production, as well as feed scheduling for millions of livestock animals. BlackMatter denied that these counted as essential services.

In a 2019 report, researchers from the University of Minnesota outlined just how serious the risk of cyberattack is to the American food and agriculture systems. That report indicated that American agriculture is extremely vulnerable, owing to outdated security, poor coordination among businesses and a lack of emphasis within the industry on cybersecurity. The Biden administration has recently outlined a new national security memorandum that would include cybersecurity as it relates to agriculture, but the plan at the moment is for any program to be voluntary, which would severely limit its effectiveness.