New Cooperative, a farm service provider in Iowa, was breached by the BlackMatter ransomware group impacting some of its devices and systems. Allan Liska, a ransomware expert, revealed that the group’s leak page contained financial documents, network information for companies involved with New Cooperative, employee’s social security numbers and personal information, R&D files, and source code for Soil Map, a farming technology platform. BlackMatter claims to have stolen one terabyte of data and is requesting $5.9 million.
Several security researchers revealed conversations between New Cooperative negotiators and BlackMatter threat actors. The representatives reported that they are part of the “16 critical sectors” that US President Joe Biden considered off-limits to threat actors in conversation with Russian President Vladimir Putin. Additionally, New Cooperative stated that this conversation is part of the country’s critical infrastructure and public disruption to the grain, pork and chicken supply chain can occur if they are not back up and running soon. The company contacted CISA and law enforcement. However, BlackMatter is refusing to waiver.
New Cooperative is involved in different aspects of the grain business including running grain storage elevators, selling fertilizer, buying from farmers, and providing technology to farmers. The company is working to restore their systems and getting grain to the customer’s animals.
Ransomware groups continue to successfully attack the agriculture industry despite the White House’s warning. The Federal Bureau of Investigation issued a warning to companies in the food and agriculture sector about possible ransomware attacks disrupting supply chains earlier this month. The FBI explains that food and agriculture companies will suffer financial loss including ransom payments, loss of productivity, and remediation costs due to ransomware attacks. Additionally, a ransomware attack can result in losing proprietary and personal information as well as reputational damage. New Cooperative is the fourth company in recent months to experience a ransomware attack on US critical infrastructure.
Most food and agriculture companies including New Cooperative depend heavily on connected machines to power key elements of the business. Threat actors are targeting these machines because of the limited visibility into the risks and threats. That’s why it’s crucial for companies like New Cooperative to stay current with the latest threat landscape or engage with a cybersecurity team that can do so. With SpearTip’s experienced security team, your networks will be continuously monitored 24/7, holidays and weekends included.
SpearTip also offers pre-breach and advisory services to companies in order to prepare them for attacks and identify vulnerabilities. Our Security Operations Center as a Service (SOCaaS) working in tandem with our endpoint detection and response tool, ShadowSpear, which detects ransomware threats and prevents them from disrupting your business, is the ultimate security suite for enterprise businesses such as New Cooperative. Stop cyber threats, today.
If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.