The FBI has published a private industry advisory on Wednesday, alerting the food and agriculture sectors that they have been under active attack by ransomware organizations. The cybercriminals' approach to firms in this area is unremarkable; the methods and procedures they deploy are well-known.
According to the FBI, ransomware gangs want to "disrupt operations, cause financial loss, and negatively impact the food supply chain."
"Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants. Cybercriminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems," the FBI said.
Food and agriculture enterprises that are victims of ransomware incur massive financial losses as a result of ransom alongside suffering productivity losses and remediation costs. Organizations may potentially lose proprietary information and personally identifying information as a result of a ransomware operation, as well as suffer negative publicity.
Many of the world's largest food firms now use a variety of IoT devices and smart technology in business processes. According to the FBI, bigger agricultural firms are attacked since they can manage to pay bigger ransoms, but smaller entities are targeted because they cannot afford high-quality cybersecurity.
"From 2019 to 2020, the average ransom demand doubled and the average cyber insurance payout increased by 65 percent from 2019 to 2020. The highest observed ransom demand in 2020 was $23 million, according to a private industry report. According to the 2020 IC3 Report, IC3 received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million across all sectors," the FBI said.
In an industry that is heavily dependent on smart technologies, industrial control systems, and web automation systems, cyber attackers use networking weaknesses to steal information data and encrypt systems.
According to the organization, cybercriminals employ a myriad of methods to attack individuals with ransomware like email phishing operations, Remote Desktop Protocol (RDP) vulnerabilities, and software vulnerabilities; these are the most popular method of attack.