The FBI warns that cyber - criminals are currently targeting firms in the food and agriculture industries. The Cyber Division issued a Private Industry Notification (PIN) to warn of ransomware attacks targeting the sector. No operation is too big or too little to be a target.
According to the FBI:
Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes…
In a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems, cybercriminal threat actors use network weaknesses to exfiltrate data and encrypt systems. Ransomware victims in the food and agriculture industry suffer considerable financial losses because of ransom payments, lost productivity, and remediation costs.
The PIN details several ransomware attacks that have harmed food and agriculture industries, including one that occurred in January 2021 on an unnamed US farm, resulting in $9 million in losses due to the disruption of farming operations. The ransomware attackers used compromised credentials to acquire administrator-level access to the internal servers.
A ransomware attack disrupted operations at a US beverage company in March 2021, while cyber-criminal threat actors demanded the payment of a massive $40 million ransom in a November 2020 ransomware attack on a US-based international food and agriculture corporation. The good news is that the victims of the latter ransomware attack were able to restore their backups.
Recommended Mitigations by the FBI
- Regular offline backups and regular changing of passwords (use strong passwords)
- Copies of vital data should not be editable or deleteable from the system, keep copies of sensitive data and servers in a secure location (cloud, hard drive)
- Use administrator access for software updates and regularly update software
- Multifactor authentication should be used (MFA) along with network segmentation
- Disable any unnecessary remote access/RDP ports and keep an eye on the logs
- User accounts with administrator privileges should be audited, and access controls should be configured with the least amount of privilege in mind
- Anti-virus and anti-malware software should be installed and use secure networks, avoid public Wi-Fi (consider VPN)
- Consider including an email banner in messages that come from outside your company and disable hyperlinks in emails you've received
- Focus on cyber security awareness and training (ransomware and phishing scams)
How can modern businesses defend themselves against ransomware attacks?
- Critical Infrastructure Protection
In recent years, ransomware attacks have grown in number and sophistication, as have the expenses associated with them. From 2019 to 2020, average ransom demands more than doubled, with the biggest demand reaching $23 million. Cyber insurance pay-outs increased by 65 % during the same period.
Regardless of whether the malware was deployed in IT or OT systems, cyber actors may gradually broaden their ransomware attack from just information technology (IT) and business processes to include operational technology (OT) assets, which monitor and control physical processes, affecting industrial production.
The need for increased attention when it comes to protecting our key infrastructure is critical, so teaming up with a seasoned IT solutions provider like Columbus is a wonderful place to start. - Customized Data Protection
Data security is critical, but when multiple industries and complicated procedures are thrown into the mix, there is no one-size-fits-all solution. Different companies require different levels of data security. To protect yourself from breaches, you'll need to devise a strategy that best meets your needs and addresses all potential ransomware scenarios.
Consider collaborating with your solution provider to better understand who, when, and how data can be accessed, as well as the best approach to safeguard your organization against ransomware and malware network intrusion.
Get in touch to speak with one of our data security specialists about the best security solution for your company or to schedule a demonstration of our products and services.