Nov 2, 2021
0 0

FBI warns of ransomware threat to food and agriculture

Written by

We research. You level up.
Protect your devices, your data, and your privacy—at home or on the go.
“Thanks to the Malwarebytes MSP program, we have this high-quality product in our stack. It’s a great addition, and I have confidence that customers’ systems are protected.”
Featured Event: RSA 2021
Activate Malwarebytes Privacy on Windows device.
Cybersecurity Month: Save 25% on EP and EDR for your business – BUY NOW

Posted: by
The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware attacks.
Farms are literally the first step in one of the most important, if not the most important, supply chain in our economy: The food supply chain. As always, cybercriminals love the extra leverage that is provided by how important a target is.
Ransomware attacks targeting the food and agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. Food and agriculture businesses victimized by ransomware suffer significant financial loss from ransom payments, loss of productivity, and the (often neglected) cost of remediation. And, as the FBI points out, no operation is too big, or too small, to be a target:
Larger businesses are targeted based on their perceived ability to pay higher ransom demands, while smaller entities may be seen as soft targets, particularly those in the earlier stages of digitizing their processes…
The FBI also warns that ransomware can carry a cost in lost data: “Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack.”
Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to be aware of the risks created by connecting this ancient part of our food supply chain to the Internet. As farms have grown in scale they have increased their level of automation, making farms and farm equipment Internet-connected cogs in the of the Internet of Things “machine”. This comes at the cost of a significant increase of their attack surface.
The state of IoT is poor enough as it is, security wise. But manufacturers of agricultural equipment have spent the last few years locked in an automation arms race, and the side effects of this race are starting to show. In any industry that is developing and adopting new technology at pace you can expect growing pains and security is often the last thing on the developers’ minds. So it is with agriculture.
In our most recent Lock and Code podcast, Malwarebytes Labs’ David Ruiz spoke to hacker Sick Codes, whose research into cybersecurity in agriculture has been instrumental in raising its profile this year.
In it, he told us that the industry is starting to take security seriously, but it is still grappling with the basics, leaving it dangerously exposed. Speaking about his research into John Deere and another agricultural equipment manufacturers, he gave us an example of what he found, in plain terms:
A group of less than 10 people were able to pretty much get root [the highest level of access] on John Deere’s Operations Center, which connects to every other third party connectivity service that they have. You know, you can get every farms’ data, every farms’ water, I’m talking everything. We had like the keys to the kingdom. And that was just a few people in two days.
Sick Codes and the FBI aren’t the only ones to notice that something is up in agriculture. As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020.
As the manufacturing and automotive sectors contracted in 2020, under the weight of pandemic shutdowns, attackers simply turned their faces to other industries, with agriculture by far the biggest loser.
While the FBI’s warning focusses on the threat to individual operators, the rapid computerization of agriculture also carries potential risks for the system of food production itself.
Connectivity and centralization could create opportunities for threat actors—state sponsored or otherwise—to throw a wrench in the workings of our critical infrastructure. Attackers could potentially provide false data to farming equipment, change the temperature in greenhouses, alter the composition of fertilizers, or bring businesses to a crashing halt by deploying ransomware. All of which could lead to shortages and increased food costs.
The agriculture sector needs to be as prepared as any other sector to withstand attacks by cybercriminals. But the sector is only as secure as the technology it relies on, so our food supply requires secure IoT devices and Cloud services for food and agriculture too.
The FBI notice includes the following recommendations:
To learn more about the current state of cybersecurity in the Internet-connected world of agriculture, you can listen to our Lock and Code podcast below:

July 16, 2019 – Often, older generations must turn to their progenitors for help with technology. What are their frustrations and concerns, and how can younger generations better help?
July 2, 2019 – Apps that cooperate and share permissions might seem convenient, but are they worth the security and privacy risk?
July 30, 2019 – Equifax has been ordered to pay at least $650 million in relation to its enormous 2017 data breach. Users who were affected might be eligible for a claim. But watch out for scams!
August 21, 2019 – Researchers called it KNOB, a clever attack against the firmware of a Bluetooth chip that can allow hackers to successfully hijack paired devices and steal their sensitive data. Are users at risk?
October 16, 2019 – Passwords are a burden and security risk, especially when used as a single authentication method. Can we get rid of passwords once and for all? We list alternative authentication methods and discuss their pros and cons.

Malware Intelligence Researcher
Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.
Silouette of person

Threat Center

Book with bookmark

Suspicious person

Write for Labs

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.
Imagine a world without malware. We do.
© All Rights Reserved
Select your language
Cybersecurity basics
Your intro to everything relating to cyberthreats, and how to stop them.


Article Categories:
Security Awareness

Leave a Reply