$5.9 Million Ransomware Attack on Farming Co-op May Cause Food Shortage
(by Ax Sharma | Ars Technica) – Iowa-based provider of agriculture services NEW Cooperative Inc. has been hit by a ransomware attack, forcing it to take its systems offline. The BlackMatter group that is behind the attack has put forth a $5.9 million ransom demand. The farming cooperative is seen stating the attack could significantly impact the public supply of grain, pork, and chicken if it cannot bring its systems back online.
BlackMatter says it doesn’t hit “critical infrastructure”
Ransomware group BlackMatter has hit NEW Cooperative and is demanding $5.9 million to provide a decryptor, according to screenshots shared online by threat intel analysts.
“Your website says you do not attack critical infrastructure. We are critical infrastructure… intertwined with the food supply chain in the US. If we are not able to recover very shortly, there is going to be very very public disruption to the grain, pork, and chicken supply chain,” a NEW Cooperative representative appears to be telling BlackMatter during a private negotiation chat.
The farming organization says its software powers about 40 percent of grain production and feed schedules of 11 million farm animals. And, as such, US federal government regulators like CISA may soon step in should the cooperative’s systems not come back online soon.
🌐 BlackMatter #Ransomware group just ransomed another food critical infrastructure in the US, The ransom demand is 5,900,000$ for now 🚨
The victim is playing by the rules: “@CISAgov is going to be demanding answers from us within the next 12 hours” 🧐#BlackMatter pic.twitter.com/Iciet8lhwQ
— DarkFeed (@ido_cohen2) September 20, 2021
BlackMatter responded that it disagreed with the farming organization falling within the “critical infrastructure” category.
A note seen by Ars on BlackMatter’s Tor leak site states the group does not attack hospitals, oil and gas companies, non-profit and government organizations, and those in the defense sector. Should the group accidentally encrypt computers belonging to one of these organizations, victims can ask for a free decryptor. But, the list of “critical infrastructure facilities” is limited to power generation plants and water treatment facilities, according to BlackMatter’s criteria. Read Full Article >