FBI Warns Farmers to Beware Ransomware Cyberattacks

WASHINGTON — The FBI issued a warning this week to farm cooperatives that ransomware attackers are increasingly trying to disrupt their operations during the planting and harvest seasons.

The FBI announcement was one of several warnings about cyberattacks that are becoming more shrill as Russia continues its invasion of Ukraine.

Another warning came from the Five Eyes nations, which released a joint cybersecurity advisory this week that says Russian state-sponsored cybercriminal groups that sympathize with them are likely to target critical infrastructure.

Five Eyes refers to an intelligence alliance between the United States, United Kingdom, Australia, Canada and New Zealand.

“Some groups have also threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine,” the advisory says.

Recent ransomware attacks against the United States have hit 14 of 16 critical infrastructure sectors, the FBI and affiliated agencies reported. They included food and agriculture, the defense industry, government facilities, emergency services and information technology.

Ransomware refers to a kind of computer malware in which the cyberattackers threaten to publish the victims’ personal data or block access to their own files unless they pay a ransom. More advanced ransomware threatens to destroy the victims’ files.

“Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity,” the Five Eyes advisory said. “This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners.”

For the agricultural industry, the timing and critical nature of planting and harvesting means farmers often have no better option than to pay the ransom to avoid losing their crops. The attacks normally are aimed at the computerized supply lines for seeds and fertilizer.

“The FBI noted ransomware attacks during these seasons against six grain cooperatives during the fall 2021 harvest and two attacks in early 2022,” the notice says.

The agency said the attacks were “disrupting operations, causing financial loss and negatively impacting the food supply chain.”

The FBI warning coincides with the April planting season in the United States. This month, many farmers plant corn, tomatoes, broccoli and other vegetables.

In the previous attacks, some victims were forced to temporarily halt production, according to the FBI. The notice does not say whether they paid a ransom.

Last month, cybercriminals launched an attack against a multi-state grain company that interfered with its grain processing, the FBI reported. It did not name the company.

The agency recommended that agricultural organizations take preventive steps, such as backing up files, using multi-factor authentication and installing software security updates.

It warned that the cyberattacks were unlikely to stop.

Nozomi Networks, a cybersecurity firm based in San Francisco, California, that helps customers protect critical infrastructure, said in a February release, “More than 651 vulnerabilities were reported from July through December — a 21% increase over the previous six months. Supply chain vulnerabilities continue to offer the greatest opportunity to quickly spread damage across a wide range of products, service providers or end users.”

Tom can be reached at [email protected]