BlackMatter demands $5.9 million ransom from Iowa farm cooperative

BlackMatter is demanding the ransom so the cooperative can unlock its systems right before the harvest season is set to begin

New Cooperative, an Iowa-based cooperative that operates grain storage elevators and buys crops from farmers, has been hit by a $5.9 million (£4.3 million) ransom demand after being hit by the BlackMatter group. 

The BlackMatter ransomware leak page shows the gang has obtained financial documents, network information for multiple companies associated with New Cooperative, social security numbers and personal information of employees, and source code for Soil Map, a farmer technology platform, ransomware expert Allan Liska told ZDNet.

The group claims to have 1TB of data and has set a timer it says will expire at midday on 25 September. It's also demanding a $5.9 million ransom payment from New Cooperative.

"We have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained," New Cooperative said in a statement to Reuters. "We also quickly notified law enforcement and are working closely with data security experts to investigate and remediate the situation."

On social media, there are screenshots of chat logs which appear to be between the ransomware group and New Cooperative. The farming group states that it is critical infrastructure as it is intertwined with the food supply chain in the US, and is asking why it was attacked if BlackMatter claims to not attack critical infrastructure.

Related Resource

Ransomware made MSPeasy

The MSP's guide to saving the day

The MSP's guide to ransomware - whitepaper from DattoFree download

“About 40% of grain production runs on our software, and 11 million animals feed schedules rely on us,” said New Cooperative, before adding that CISA would be demanding answers from the group in the next 12 hours and “we are going to have to tell them exactly what happened and why the food supply chain is disrupted”.

BlackMatter refused to back down, replying to the company that “you do not fall under the rules, everyone will only incur losses,” before saying the company should come to an agreement with them and solve everything quickly.

Don Roose, the president of US Commodities in West Des Moines, Iowa, told Reuters that the timing of the attack is making it crucial that NEW Cooperative get its systems back online as soon as it can as many farmers will start their combines this week and begin delivering crops to NEW’s elevators across the state.

“They have got you boxed into a corner,” Roose said. “Harvest is right now. This is the week that we are just starting to ramp up harvest, particularly for soybeans.”

IT Pro has contacted New Cooperative for comment. CISA declined to comment on the story.

In June, JBS Foods paid an $11 million (£7.8 million) ransom to hackers who compromised its IT system. The meat processing company fell victim to a ransomware attack in May and was forced to suspend its systems and, in some areas, shut down production for 24 hours. The company confirmed it made the ransom payment to the attackers, totalling $11 million in Bitcoin.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Google accused of 'deceptive' location tracking in fresh US lawsuit
Policy & legislation

Google accused of 'deceptive' location tracking in fresh US lawsuit

25 Jan 2022
Federal Reserve warns foreign centralised digital currencies could decrease global use of dollar
digital currency

Federal Reserve warns foreign centralised digital currencies could decrease global use of dollar

21 Jan 2022
Singapore and Madrid named biggest movers in latest data centre rankings
data centres

Singapore and Madrid named biggest movers in latest data centre rankings

20 Jan 2022
US airlines warn of “catastrophic” crisis days before 5G rollout
5G

US airlines warn of “catastrophic” crisis days before 5G rollout

18 Jan 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022