Ransomware Attacks on the Food Supply Chain

Did you ever wonder how a can of green beans gets to the shelf of your supermarket?  Well, everything from planting the seeds, harvesting the crop, and canning the beans to pushing them to market is called the ‘Food Supply Chain.’  Now cyber-attackers are targeting our food supply chain and the Jolly Green Giant ain’t so happy.

The US Federal Bureau of Investigation (FBI) issued a new alert on 06 September 2021 warning companies in the food and agricultural sector that they are increasingly at risk of ransomware as their corporate attack surface expands.  The Private Industry Notification (PIN) noted that the vertical is a critical infrastructure sector that, if impacted by such threats, could negatively impact the food supply chain.  The FBI said that all kinds of companies in the food industry are at risk, including processors, manufacturers, markets, farms, and restaurants.

“Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants,” it continued.  “Cyber-criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems.”

To help fend off the possibility of a damaging attack, the FBI recommends all companies keep their data backed up regularly and that they employ network segmentation and two-factor authentication.  In addition, organizations should keep systems and applications updated, implement recovery plans, use strong passwords, perform network audits, install and regularly update anti-malware software and disable remote access if not used.

Attacks may target larger organizations, deemed more likely to pay higher ransom demands, and smaller firms perceived as softer targets.  For both, the increasing move to IoT may offer a new attack surface to target, the FBI warned.  “According to a private industry report, cyber actors may gradually broaden their attack from just IT and business processes to also include the operational technology (OT) assets, which monitor and control physical processes, impacting industrial production regardless of whether the malware was deployed in IT or OT systems,” it noted.

As with all ransomware victims, those in the food and agricultural sector would suffer lost productivity, theft of proprietary and personal information, and reputational and financial damage, the alert claimed.

The industry has already been a target for attacks, most notably the May 2021 raid on Brazilian meat processing giant JBS USA, which the FBI said drove wholesale meat prices up 25% after various plants across the country were forced to close.

Other incidents cited in the alert include a US bakery that was forced to close for a week in July; a “US-based international food and agriculture business” that was hit by the one percent group in November 2020 with a $40m ransom demand; and the attack on beverage giant Molson Coors in March 2021.  Attacking beer has gone too far.

How to subscribe to FBI email updates:  https://www.fbi.gov/email-updates

The following is what Red Sky Alliance recommends:

  • All data in transmission and at rest should be encrypted.
  • Proper data backup and off-site storage policies should be adopted and followed.
  • Implement 2-factor authentication company-wide.
  • For USA readers, join and become active in your local Infragard chapter; there is no charge for membership. infragard.org
  • Update disaster recovery plans and emergency procedures with cyber threat recovery procedures. And test them.
  • Institute cyber threat and phishing training for all employees, with testing and updating.
  • Recommend/require cyber security software, services, and devices to be used by all at-home working employees and consultants.
  • Review and update your cyber threat and information security policies and procedures. Make them a part of all emergency planning and training.
  • Ensure that all software updates and patches are installed immediately.
  • Enroll your company/organization in RedXray for daily cyber threat notifications that are directed at your domains. RedXray service is $500 a month and provides threat intelligence on nine (9) cyber threat categories including Keyloggers, without having to connect to your network.
  • Purchase annual cyber insurance coverage from Red Sky Alliance provided by Cysurance.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/3702558539639477516

 
