Minnesota-based farm supply and grain marketing coop Crystal Valley has become another agribusiness caught up in recent ransomware attacks.
In a Tuesday statement released by the Mankato, Minnesota-based cooperative, it said it was attacked. The following day, its website went offline. The organization serves over 2,500 farmers in southern Minnesota and northern Iowa.
The coop then made a statement on its Facebook page saying the attack “has infected our … computer systems and interrupted the daily operations of our company.”
The attack left the organization unable to accept Visa, Mastercard, and Discover cards until further notice, although “local cards do work.”
“As we continue to navigate through this with the help of experts, we appreciate your patience and understanding. We will continue to update with information as it becomes available,” it added.
The coop’s CEO, Roger Kienholz, told local newspapers it was “working diligently with our internal IT team along with multiple outside technology vendors to restore our data and return to full-service operation in a matter of days, especially now with fall harvest getting underway.”
What ransom cyber criminals have demanded from the small cooperative or what type of ransomware they used in the attack remains unknown. The incident comes just days after an attack on another farming cooperative.
Earlier this week, Iowa-based agricultural coop New Cooperative was hit by an attack by the BlackMatter ransomware gang.
RELATED RESOURCE
The essential cyber security toolkit for SMBs
Practical tips for cyber security training
Andrea Carcano, co-founder of Nozomi Networks, said the food supply chain, and the supply chain in general, doesn’t have strong cyber security measures in place.
“Making matters worse, our national supply chain is already stretched thin due to COVID and recent natural disasters,” he said. “Those suppliers who invest early in strong cybersecurity programs and resiliency are able to respond faster, and with less financial damage, when an attack occurs."
John Shier, senior security advisor at Sophos, told ITPro what was notable about this attack is the company's insistence that they are critical infrastructure and should therefore be spared as per BlackMatter's own policy.
“However, the operators behind BlackMatter disagree with this assessment and are continuing to pursue payment from the victim. This attack will be the first to test the new U.S. government policy on reporting attacks against critical infrastructure to CISA and the Biden administration's response to such an attack,” he said.
-
Nearly one-third of ransomware victims are hit multiple times, even after paying hackersNews Many ransomware victims are being hit more than once, largely thanks to fragmented security tactics
-
Millions of Dell laptops are are at risk thanks to a Broadcom chip vulnerabilityNews Widely used in high-security environments, the PCs are vulnerable to attacks allowing the theft of sensitive data
-
Nearly one-third of ransomware victims are hit multiple times, even after paying hackers
News Many ransomware victims are being hit more than once, largely thanks to fragmented security tactics
-
75% of UK business leaders are willing to risk criminal penalties to pay ransomsNews A ransom payment ban is a great idea - until you're the one being targeted...
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employeesNews The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so farNews A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culpritsNews Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
