The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain.
The bureau’s Cyber Division issued this warning on Wednesday in the form of a TLP:WHITE Private Industry Notification (PIN).
These ransomware attacks can potentially impact a wide range of businesses across the sector, from small farms, markets, and restaurants to large-scale producers, processors, and manufacturers.
Ransomware gangs started focusing their attacks on this industry sector as food and agriculture organizations became increasingly dependent on smart tech, industrial control systems (ICS), and internet-based automation systems.
“Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs,” the FBI said.
“Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack.”
According to the agency, the average ransom demand doubled between 2019 and 2020, with the highest ransom demand reaching $50 million this year following a REvil ransomware attack that hit computer giant Acer.
The FBI Internet Crime Complaint Center (IC3) also received over 2,400 ransomware attack complaints last year, amounting to adjusted losses of over $29.1 million, according to the IC3’s 2020 Internet Crime Report, after a massive 100% increase in received cybercrime complaints and adjusted losses of more than $29.1 million across all industry sectors.
“Separate studies have shown 50-80 percent of victims that paid the ransom experienced a repeat ransomware attack by either the same or different actors,” the FBI added.
The federal law enforcement agency also highlighted some examples of ransomware attacks impacting businesses in the food and agriculture industry, including:
The FBI and CISA also urged organizations this week not to let down their defenses during weekends or holidays, given that ransomware gangs are increasingly likely to hit their networks when everyone is out of the office.
The two federal agencies warned that they “observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021.”
The recent attacks on the networks of Colonial Pipeline, JBS, and Kaseya were given as examples, since they were all hit during weekends.
JBS, the world’s largest beef producer, paid an $11 million ransom to the REvil ransomware gang after a Memorial Day weekend attack. After a Mother’s Day weekend attack, Colonial Pipeline paid a $4.4 million ransom to the DarkSide group.
A large-scale REvil ransomware attack also hit dozens of Kaseya customers and up to 1,500 other downstream businesses over the Fourth of July weekend.
These warnings come after Deputy National Security Advisor Anne Neuberger urged US businesses to take ransomware seriously following the Colonial Pipeline and JBS ransomware attacks.
Interpol also asked industry partners and police agencies last month to work together to prevent what looks like a ransomware pandemic that’s quickly closing in.
As the FBI and CISA advised in this week’s joint advisory, organizations can take several actions to protect their systems and block ransomware attacks, including: