FBI Warns of Increased Ransomware Attacks Against US Agriculture Sector

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

The US Federal Bureau of Investigation (FBI) warned Food and Agriculture (FA) sector organizations on Wednesday of an increased risk of ransomware attacks during the harvest and planting seasons.

Although ransomware groups regularly target the US agriculture sector, the FBI noted that the quantity of attacks against these entities during critical seasons is concerning.

The FBI revealed this information during a joint flash alert released in coordination with the United States Department of Agriculture (USDA) and the Cybersecurity and Infrastructure Security Agency (DHS/CISA).

“Ransomware attacks during these seasons against six grain cooperatives during the fall 2021 harvest and two attacks in early 2022 that could impact the planting season by disrupting the supply of seeds and fertilizer,” the FBI said.

“Cyber actors may perceive cooperatives as lucrative targets with a willingness to pay due to the time-sensitive role they play in agricultural production,” the agency added.

In its statement on Wednesday, the FBI also highlighted several ransomware attacks against US agricultural cooperatives that led to financial losses and impacted production.

Ransomware Attacks on Critical US Infrastructure

In a February joint advisory, the FBI, CISA, and the NSA also warned of an increase in ransomware attacks impacting 14 of the 16 US critical infrastructure sectors, including Food and Agriculture.

Since the start of 2022, the FBI issued flash alerts highlighting how several ransomware gangs (including BlackByte, Ragnar Locker, and Avoslocker) have breached dozens of critical US infrastructure.

Attackers use a variety of methods to gain access to victims’ networks, including phishing, stealing Remote Desktop Protocols (RDP) credentials, and exploiting unpatched vulnerabilities.

Ransomware groups also utilize cybercriminal services-for-hire to negotiate ransom payments, help victims make payments, and mediate payment disputes with other cybercriminals.

“If the ransomware criminal business model continues to yield financial returns for ransomware actors, ransomware incidents will become more frequent,” the advisory said. “Every time a ransom is paid, it confirms the viability and financial attractiveness of the ransomware criminal business model.”

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.