Ransomware Attacks May Affect Critical Ag Seasons

05/09/2022 Written by: Gina Ekstam

On April 20, 2022, the FBI’s Cyber Division released a Private Industry Notification (PIN) altering Food and Agriculture sectors that ransomware actors may be more likely to attack agricultural cooperatives during critical planting and harvest seasons.

As discussed in our last vertical blog, the ag industry is increasingly becoming a target for cybercrime. According to the PIN, six ransomware attacks were reported during the fall 2021 harvest, and two attacks were reported in early 2022. The timing of these attacks could disrupt the supply of seeds and fertilizer, impacting the planting season and the entire farm-to-table spectrum.

Sophisticated, high-impact ransomware incidents against critical infrastructure organizations are increasing worldwide. Because cybercriminals will continue to exploit network, system, and application vulnerabilities in the ag industry, the FBI recommends implementing the following steps to help mitigate the threat.

  • Regularly back up data, air gap, and password-protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
  • Implement a recovery plan that includes maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
  • Identify critical functions and develop an operations plan if systems go offline. Think about ways to operate manually if it becomes necessary.
  • Implement network segmentation.
  • Install updates/patch operating systems, software, and firmware as soon as they are released.
  • Use multi-factor authentication where possible.
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts and use strong passphrases where possible.
  • Disable unused remote access/RDP ports and monitor remote access/RDP logs.
  • Require administrator credentials to install software.
  • Audit user accounts with administrative or elevated privileges and configure access controls with the least privilege in mind.
  • Install and regularly update anti-virus and anti-malware software on all hosts.
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a virtual private network (VPN).
  • Consider adding an email banner to messages coming from outside your organization.
  • Disable hyperlinks in received emails.
  • Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques and overall emerging cybersecurity risks and vulnerabilities (e.g., ransomware and phishing scams).

Ransomware attacks not only disrupt operations and cause financial loss, an attack on our food and ag industry has the potential to negatively impact the food supply chain. AssuredPartners agribusiness team is dedicated to educating our clients on this increasing risk. Contact a member of our team to learn more.

Best Practices for Railroad Track Inspections: Ensuring Safety and Compliance

In light of recent incidents involving railroad derailments, regular railroad track inspections have never been more critical. Proper maintenance of railroad tracks is essential for preventing...

Navigating Transportation Disruptions: The Need for Alternative Ag Supply Chain Solutions

The average person will walk 1,182 miles in an entire year, yet the food on your plate for just one meal most likely traveled 1,500 miles before it got to you. We don't often think about how far our...

Agribusiness Worker Demands
H-2A Worker Demands Continue to Increase

Even before the longstanding labor market crunch, farms had difficulty recruiting domestic workers for farm work. This resulted in farms increasingly turning to the H-2A visa program to get...