<img src="https://secure.leadforensics.com/133892.png" alt="" style="display:none;">

3 min read

Is the food and agriculture industry the next target for ransomware?

Ron Kordys
Sep 29, 2021
Ron Kordys
Home
  • Blog
  • Is the food and agriculture industry ...

The FBI warns that cyber - criminals are currently targeting firms in the food and agriculture industries. The Cyber Division issued a Private Industry Notification (PIN) to warn of ransomware attacks targeting the sector. No operation is too big or too little to be a target.

According to the FBI:

Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes…

In a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems, cybercriminal threat actors use network weaknesses to exfiltrate data and encrypt systems. Ransomware victims in the food and agriculture industry suffer considerable financial losses because of ransom payments, lost productivity, and remediation costs.

The PIN details several ransomware attacks that have harmed food and agriculture industries, including one that occurred in January 2021 on an unnamed US farm, resulting in $9 million in losses due to the disruption of farming operations. The ransomware attackers used compromised credentials to acquire administrator-level access to the internal servers.

A ransomware attack disrupted operations at a US beverage company in March 2021, while cyber-criminal threat actors demanded the payment of a massive $40 million ransom in a November 2020 ransomware attack on a US-based international food and agriculture corporation. The good news is that the victims of the latter ransomware attack were able to restore their backups.

Recommended Mitigations by the FBI

  • Regular offline backups and regular changing of passwords (use strong passwords)
  • Copies of vital data should not be editable or deleteable from the system, keep copies of sensitive data and servers in a secure location (cloud, hard drive)
  • Use administrator access for software updates and regularly update software
  • Multifactor authentication should be used (MFA) along with network segmentation
  • Disable any unnecessary remote access/RDP ports and keep an eye on the logs
  • User accounts with administrator privileges should be audited, and access controls should be configured with the least amount of privilege in mind
  • Anti-virus and anti-malware software should be installed and use secure networks, avoid public Wi-Fi (consider VPN)
  • Consider including an email banner in messages that come from outside your company and disable hyperlinks in emails you've received
  • Focus on cyber security awareness and training (ransomware and phishing scams)

How can modern businesses defend themselves against ransomware attacks?

  • Critical Infrastructure Protection
    In recent years, ransomware attacks have grown in number and sophistication, as have the expenses associated with them. From 2019 to 2020, average ransom demands more than doubled, with the biggest demand reaching $23 million. Cyber insurance pay-outs increased by 65 % during the same period.
    Regardless of whether the malware was deployed in IT or OT systems, cyber actors may gradually broaden their ransomware attack from just information technology (IT) and business processes to include operational technology (OT) assets, which monitor and control physical processes, affecting industrial production.
    The need for increased attention when it comes to protecting our key infrastructure is critical, so teaming up with a seasoned IT solutions provider like Columbus is a wonderful place to start.
  • Customized Data Protection
    Data security is critical, but when multiple industries and complicated procedures are thrown into the mix, there is no one-size-fits-all solution. Different companies require different levels of data security. To protect yourself from breaches, you'll need to devise a strategy that best meets your needs and addresses all potential ransomware scenarios.

Consider collaborating with your solution provider to better understand who, when, and how data can be accessed, as well as the best approach to safeguard your organization against ransomware and malware network intrusion.

Get in touch to speak with one of our data security specialists about the best security solution for your company or to schedule a demonstration of our products and services.

[GUIDE] How much will implementing Power BI cost you
Topics
Ron Kordys

Ron Kordys

Digital Transformation leader responsible for building processes and procedures to plan, deliver, operate, and control IT services offered to customers. Skilled in Digital Transformation, Project Management, Business Development, IT Strategy, Data Center Management, and Client Relationship Management. Strong program and project management professional with a Bachelor’s Degree focused in Computer Information Systems – from Purdue University, West Lafayette, Indiana.

Discuss this post

Recommended posts

5 Essential Steps for Business Leaders to Win Big with Generative AI

Charles Wright

The hype around the rise of generative AI technologies makes huge promises about the potential of the technology. Yet it would be fair to say the vast majority of organizations are only experimenting with the technology or using it in isolated use cases.

Critical steps to training and evaluating AI and ML models

Naga Chaitanya

As artificial intelligence (AI) and machine learning (ML) reshape industries and redefine possibilities, mastering the art of AI and ML model development and evaluation has never been more crucial. Behind every powerful AI or ML model lies strategic decisions, intricate algorithms and critical evaluations. Within the Model and Evaluate phases of the Columbus AI Innovation Lab, we delve into these aspects and how to use diverse metrics to evaluate a machine learning model’s performance, along with its strengths and weaknesses.

How to Select AI Use Cases to Help Your Business Succeed - US

Avinash Gundra

If you have identified possible AI use cases for your business, the next step will be to test if they are possible to implement and if they will create great value. While there is a lot of momentum and excitement about using AI to propel your business, the reality is only 54% of AI projects are deployed. How do you ensure you’re one of the businesses that does unlock the new opportunities AI promises? Your success with AI begins by discovering AI use cases that work for your business. In the first blog of our Columbus AI blog series, we shared five areas where organizations should focus their efforts to generate ideas for AI implementations based on our experience. After generating some ideas for AI use cases that could potentially benefit your company from the first step of the Columbus AI Innovation Lab, the next step is to test which AI use cases could be operationalized by evaluating them. Columbus AI Innovation Lab

Machine Learning: Bridging Gaps in Demand Forecasting

Santosh Kataram

Demand forecasters do the impossible — predict what products and services customers want in the future. Their forecasts inform decision-making about production and inventory levels, pricing, budgeting, hiring and more. "While crystal balls remain imaginary, machine learning (ML) methods can give global supply chain leaders the support they need in the real world to create more accurate forecasts." The goal is to produce exactly the amount of product to meet demand. No more. No less. Demand forecasting is used to anticipate the demand with enough time to manufacture the right stock to get as close to this reality as possible. The cost is high if you don’t get it right. Your customers will go to your competitors if you don’t have what they need. Unfortunately, capacity, demand and cost aren’t always known parameters. Variations in demand, supplies, transportation, lead times and more create uncertainties. Ultimately demand uncertainties greatly influence supply chain performance with widespread effects on production scheduling, inventory planning and transportation. On the heels of the global pandemic, supply chain disruptions and a pending economic downturn, many demand forecasters wish for a crystal ball. While crystal balls remain imaginary, machine learning (ML) methods can give global supply chain leaders the support they need in the real world to create more accurate forecasts.

Applying AI: How to Define Valuable AI Use Cases - US

Santosh Kataram

Only half of the companies starting an AI pilot project are actually executing it. The key is to choose an idea that will benefit your business. Read more about how! In 2022, 27% of chief information officers confirmed they deployed artificial intelligence (AI), according to a Gartner AI survey. Even though businesses across all industries are turning to AI and machine learning, prepare your organization before jumping on the AI bandwagon by considering a few factors. Ask yourself: Is AI necessary for achieving the project requirements or is there another way? Does your team have the skills to support AI and machine learning? How will AI impact your current operations if you adopt it? How will you integrate AI with existing systems? What are the data, security and infrastructure requirements of AI and machine learning? The Gartner AI survey found only 54% of projects made it from the pilot phase to production. After significant investment in AI, why aren’t companies deploying it? We found the problem begins when companies define a use case. Too often, companies are not identifying AI use cases that benefit their businesses and end-users will adopt. The question is then, how should companies unlock the value and new opportunities AI promises? It starts with a systematic approach for each stage of the AI life cycle. We developed the Columbus AI Innovation Lab, a comprehensive method to address and account for all challenges when adding AI to your business operations and bring stakeholders into the process at the right time to help you operationalize AI.
right-arrow share search phone phone-filled menu filter envelope envelope-filled close checkmark caret-down arrow-up arrow-right arrow-left arrow-down