FBI warns of cyber attacks targeting U.S. food and agriculture sectors
WASHINTON, DC – A group of national security agencies have issued an advisory for the potential of ransomware cyberattacks against two U.S. food and agriculture organizations.
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and National Security Agency (NSA) says the advisory includes technical details, analysis of the threat and actions to prevent an attack.
Previous news reports linked attacks on U.S. grain cooperatives in Iowa and Minnesota (NEW Cooperative and Crystal Valley Cooperative), to BlackMatter, highlighting digital security risks to the U.S. and global food supply chain.
JBS USA, a major meat producer, and IT company Kaseya were also hit by Russian-linked ransomware attacks, while companies such as Sinclair Broadcast Group and T-Mobile have also been hit by cyberattacks in recent months.
In May, a ransome ware attack shut down the biggest U.S. gasoline pipeline, Colonial Pipeline, disrupting markets and supplies of gasoline, diesel and jet fuel.
While this weeks release doesn’t identify the targets, the agencies say the attack could be through BlackMatter ransomware, a tool that developers can profit from cybercriminal affiliates who deploy it.
The new advisory provides an overview of the threat, its tactics, detection signatures to help identify and block network activity associated with the threat, and mitigation best practices.
“BlackMatter actors have attacked numerous U.S.-based organizations and have demanded ransom payments ranging from $80,000 to $15,000,000 in Bitcoin and Monero,” they warned..
Rob Joyce, Director of Cybersecurity at NSA, says the threat of cyberattacks has gone beyond impacts to a company but has risen to a national security issue.
In a related news, agency officials also urged victims to report attacks.
“Unfortunately, too many ransomware incidents go unreported, and because silence benefits the cybercriminals the most, we ask targeted entities to contact their local FBI Field Office and speak to a cyber agent,” said Bryan Vorndran, Assistant Director of the FBI’s Cyber Division.