Food Supply Chain Ripe for Cybercrime
The US Department of Justice has warned the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. The FBI note stated that companies need to beef up cybersecurity or risk attacks that could hobble their business and affect the critical infrastructure responsible for the US food supply.
In a Private Industry Notice (PIN) published Sept. 1, the FBI warned that “cybercriminals are increasingly targeting the sector with ransomware and other attacks. The notice stated that the increased use of automation in the food and agriculture sector has boosted the number of potential weak points that attackers could exploit.”
Ransomware disruptions within this sector can lead to serious financial loss, productivity declines, and remediation fees, states the FBI. In addition, organizations may experience theft of intellectual property, theft of personally identifiable information, and may incur reputational harm.
The FBI noted that larger agricultural businesses are attacked because they can afford to pay higher ransoms. Smaller entities are targeted because of their inability to afford high-quality cybersecurity.
According to telemetry data from security company Malwarebytes, attacks against the food and agriculture sector increased more than sixfold in 2020, propelling the sector to seventh place among most targeted sectors. The sector is probably going to go up a few more spots on the list: Attacks grew by a more moderate 36% in the first three months of 2021, the business reported.
The industry has already been a target for attacks, most notably the May 2021 raid on Brazilian meat processing giant JBS USA, which the FBI said drove wholesale prices up 25% after various plants across the country were forced to close.
Other incidents cited in the alert include a US bakery which was forced to close for a week in July, a “US-based international food and agriculture business” that was hit by a cybercrime group in November 2020, demanding a $40m ransom, and the attack on beverage giant Molson Coors in March this year.
Companies were urged by the DoJ notice to periodically backup their data, test those backups, and ensure that they can restore from those backups. The PIN also suggested a variety of simple security precautions, including network segmentation, two-factor authentication, routine patching, and blocking any system remote access.
Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. With a customer retention of over 98%, we pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.