US agriculture secretary Tom Vilsack has urged the country‘s agri co-op sector to improve cyber defences after two ransomware attacks.
His comments came after Russian hackers struck against Minnesota-based farm supply and grain marketing co-op Crystal Valley, and Iowa’s corn and soy growers’ co-op New Cooperative.
New Cooperative was hit with a $5.9m ransomware demand to unlock the computer networks used to keep food supply chains and feeding schedules on track for millions of farm animals.
Hacking group BlackMatter threatened to publish the co-op’s data, including invoices, research and development documents, and the source code to its soil-mapping technology, if it did not receive the ransom in cryptocurrency.
The co-op developed a workround and contained the attack, but took its system offline as a precaution, leaving farmers to use paper tickets to log shipments.
Crystal Valley Cooperative announced on Facebook that it had been hit with a ransomware attack on 19, September.
“The attack has infected our computer systems and interrupted the daily operations of our company,” it said. “Due to this computer breach, all systems of the Mankato-based cooperative have been shut down until they can be restored safely and securely.”
Speaking at the National Association of State Departments of Agriculture’s annual meeting, Mr Vilsack said: “We want to make sure during this harvest that we don’t have any additional disruptions as a result of systems being hacked.”
Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, told the Washington Post his organisation is in “in close contact with New Cooperative and have offered assistance in supporting the company’s response and recovery. The company is engaging proactively with CISA as the investigation progresses.”
Digital identity management firm FYEO told tech website zdnet it had identified problems of weak passwords at New Cooperative and urged the industry to strengthen its passwords policy.
FYEO’s chief operating officer Tammy Kahn said he was also concerned that the attack suggested that “hackers are still going after critical infrastructure and seeking to disrupt supply chains.“
- This article was amended on 11 October to give the correct name for Tammy Kahn in the final paragraph
