FBI Warns of Ransomware Attacks on US Agriculture Sector

Agricultural field with wheat crops and a large harvester in the background

The Federal Bureau of Investigation (FBI) has warned that the US food and agriculture sector are among the critical infrastructure sectors facing growing ransomware attacks.

These attacks could “disrupt operations, cause financial loss, and negatively impact food supply chain,” the bureau said. “Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants,” it added.

Food and Agriculture Sector at Risk

The FBI’s notice says that cybercriminals are increasingly targeting the food and agriculture sector, adding that these attacks are likely to increase as the sector adopts more smart technologies and IoT processes. The notice also states that both large and small businesses are ransomware targets. Larger businesses are bigger targets due to their ability to pay more, whereas smaller businesses are seen as soft targets.

The FBI explained that a ransomware attack leaves the victim’s files encrypted and unavailable, and the attacker demands a ransom for the decryption keys. Attackers extract sensitive personal or corporate information, according to the FBI’s report. They then threaten to release this information unless they receive payment.

The notice adds that a large number of victims, between 50% to 80%, that paid a ransom suffer from repeat attacks. The most common means of infection are email phishing campaigns, Random Desktop Protocol (RDP) vulnerabilities, and software vulnerabilities. However, cybercriminals rely on a variety of other techniques, as well.

The notice states that the impact of ransomware attacks continues to grow, as the average ransom doubled from 2019 to 2020. Additionally, the average cyber insurance payout increased by 65% over the same period. It also lists some high-profile ransomware attacks against companies in the food and agriculture sector, including two attacks involving the REvil ransomware from earlier this year.

The notice adds that it expects ransomware attacks to continue to rise. The FBI provided a list of mitigating steps that companies can take, including regularly backing up data, air gapping, and password-protecting backup copies offline.

Companies should also ensure that copies of critical data are not available for modification or deletion, the FBI said. The bureau also recommends implementing network segmentation, installing OS software patches and updates immediately, and using multi-factor authentication.

The notice advises against using public Wi-Fi and un-secure networks. Furthermore, it recommends installing and using a VPN. For more information on VPNs, such as which VPN would be best for your needs, check out our resource here.

If you want to learn more about ransomware and how or why it’s been spreading so rapidly recently, consider reading our detailed resource on Ransomware as a Service.

Technology policy researcher
Prateek is a technology policy researcher with a background in law. His areas of interest include data protection, privacy, digital currencies, and digital literacy. Outside of his research interests, Prateek is an avid reader and is engaged in projects on sustainable farming practices in India.