Be on the Alert: Cyber Criminal Actors are Targeting the Food and Agriculture Sector with Ransomware Attacks

04 September 2021
Vermont Intelligence Center

By The FBI, Cyber Division and the Vermont Intelligence Center - September 1, 2021

Summary 

Ransomware attacks targeting the Food and Agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants.  Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack. 

Threat Overview 

The Food and Agriculture sector is among the critical infrastructure sectors increasingly targeted by cyber attacks. As the sector moves to adopt more smart technologies and internet of things (IoT) processes the attack surface increases. Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes, according to a private industry report.  

In a ransomware attack, victims’ files are encrypted and made unavailable, and the attacker demands a payment for the decryption tool and key. As of 2019, sensitive data files are commonly exfiltrated prior to encryption, and the attacker demands a payment not to publish the sensitive data on a “name-and-shame” website. This double extortion potentially gives the attacker more leverage to ensure payment, based on the potential damage caused by a significant data breach of sensitive information.  

What you can do 

Cyber criminal threat actors will continue to exploit network system vulnerabilities within the food and agriculture sector. This is a short list of steps that can be implemented to mitigate the threat and protect against ransomware attacks:  

  • Regularly back up data, air gap, and password protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.  
  • Install updates/patch operating systems, software, and firmware as soon as they are released.  
  • Use multifactor authentication with strong pass phrases where possible.  
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts.  
  • Require administrator credentials to install software.  
  • Install and regularly update anti-virus and anti-malware software on all hosts.  
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.  
  • Consider adding an email banner to messages coming from outside your organizations.  
  • Disable hyperlinks in received emails.  

For additional resources related to the prevention and mitigation of ransomware, go to https://www.stopransomware.gov as well as the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide. Stopransomware.gov is the U.S. Government’s new, official one-stop location for resources to tackle ransomware more effectively. 

Contact Information

Agency of Agriculture, Food & Markets

116 State Street
Montpelier, Vt 05620-2901
802.828.2430

 

Program Contacts

  • Media Inquiries                      802.622.4662
  • Licensing & Registration        802.828.2436
  • Business Development          802.828.1619
  • Feed, Seed, Fertilizer & Lime  802.828.5050
  • Working Lands                    802.622.4477
  • Public Health & Resource Management                802.828.2431
  • Laboratory                                  802.585.6073
  • Animal Health                        802.828.2421
  • Dairy                              802.828.2433
  • Consumer Protection / Weights & Measures                           802.828.2433
  • Produce Program                  802.461.5128
  • Meat Inspection                    802.828.2426
  • Water Quality                               802.828.2431
    • Grants                                  802.622.4098
    • Enforcement                                802.828.2431
    • Reports                                      802.272.0323
    • BMP's                                      802.828.3474
  • Act 250                          802.828.2431 
  • Pesticide                        802.828.2431