Ransomware Attacks May Affect Critical Ag Seasons

05/09/2022 Written by: Gina Ekstam

On April 20, 2022, the FBI’s Cyber Division released a Private Industry Notification (PIN) altering Food and Agriculture sectors that ransomware actors may be more likely to attack agricultural cooperatives during critical planting and harvest seasons.

As discussed in our last vertical blog, the ag industry is increasingly becoming a target for cybercrime. According to the PIN, six ransomware attacks were reported during the fall 2021 harvest, and two attacks were reported in early 2022. The timing of these attacks could disrupt the supply of seeds and fertilizer, impacting the planting season and the entire farm-to-table spectrum.

Sophisticated, high-impact ransomware incidents against critical infrastructure organizations are increasing worldwide. Because cybercriminals will continue to exploit network, system, and application vulnerabilities in the ag industry, the FBI recommends implementing the following steps to help mitigate the threat.

  • Regularly back up data, air gap, and password-protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
  • Implement a recovery plan that includes maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
  • Identify critical functions and develop an operations plan if systems go offline. Think about ways to operate manually if it becomes necessary.
  • Implement network segmentation.
  • Install updates/patch operating systems, software, and firmware as soon as they are released.
  • Use multi-factor authentication where possible.
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts and use strong passphrases where possible.
  • Disable unused remote access/RDP ports and monitor remote access/RDP logs.
  • Require administrator credentials to install software.
  • Audit user accounts with administrative or elevated privileges and configure access controls with the least privilege in mind.
  • Install and regularly update anti-virus and anti-malware software on all hosts.
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a virtual private network (VPN).
  • Consider adding an email banner to messages coming from outside your organization.
  • Disable hyperlinks in received emails.
  • Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques and overall emerging cybersecurity risks and vulnerabilities (e.g., ransomware and phishing scams).

Ransomware attacks not only disrupt operations and cause financial loss, an attack on our food and ag industry has the potential to negatively impact the food supply chain. AssuredPartners agribusiness team is dedicated to educating our clients on this increasing risk. Contact a member of our team to learn more.

Red tractor plowing a field
Electric Vehicles Face Hurdles in Agriculture Industry

Electric vehicles (EVs) continue to make headlines, and with recent federal rebates, commercial EV sales have dramatically increased. However, concern continues to center around the slow adoption of...

October Agribusiness Blog
Low Mississippi River Water Levels Could Disrupt Grain Harvest Again

A shrinking Mississippi River is clogging a critical shipping artery for the second consecutive year and could leave farmers with limited options to transport grains as they enter the harvest...

What to Consider if You’re Using Drones for Aerial Application

Do you own an unmanned aircraft system (UAS) / drone? Do you want to insure your drone? Until about a year ago, these were the only questions an insurance agent needed to ask regarding the use of...