The threat of ransomware can target any organization, but those in critical infrastructure sectors such as food and agriculture are at risk. In this exploitative form of a cyber attack, malicious groups and individuals infiltrate organizations’ systems to locate important data, encrypt the data so it’s inaccessible, and then demand ransom payments from the organizations that desperately need their information and resources back. If operations are halted by the encryption, many have no choice but to pay up to continue operations and retrieve back their data.
In April of this year, the Food and Ag-ISAC released its inaugural Ransomware Report detailing the scope of this variety of cyber attack within the food and ag sector. Titled Farm to Table Ransomware Realities: Exploring the 2023 Ransomware Landscape and Insights for 2024, the report was among the first of its kind in the industry and provided an overview of the ransomware threat landscape, including a list of known threat actors, tips on how to protect against ransomware attacks, and more. The data showed that attacks against the food and ag sector made up 5.5% of all ransomware operations globally – not an insignificant number.
As 2024 continues to march on, our analysts have stayed on top of the data and have recently released an update to report featuring a Q2 2024 analysis. This update shows that the trends found at the beginning of 2024 – namely, a decrease in ransomware attacks overall across all sectors – have stayed mostly consistent as the year progresses. The reduced number of attacks in general are most likely a result of disruptions in the ransomware sphere towards the beginning of the year – major players LockBit and ALPHV/BlackCat were both taken down by authorities in the early months of 2024, and have both struggled to return since, with BlackCat dissolving and LockBit returning operations to a lesser degree than their previous endeavors.
The number of food and ag-specific attacks in the second quarter of the year has increased slightly, with 37 attacks total. Ransomware actors continue to operate even in the wake of this year’s disruptions, with other operators filling the gaps for opportunistic gain. Hunters, BlackBasta, Blacksuit, LockBit 3.0, and 8Base were the top five actors in the sector for Q2, and the ISAC’s analysts will continue to monitor these actors and others as the year goes on.
How Can You Defend Against Ransomware Attacks?
Ransomware actors and groups continue to target the industry for a number of reasons, from financial considerations to its importance in maintaining the nation’s health and safety. However, more than anything, ransomware actors are driven by opportunity – in many cases, these groups choose organizations with security vulnerabilities over singling out specific sectors. In light of this, staying on top of your organization's security measures to protect against potential attacks are paramount. The landscape can change at a moment’s notice, and those who are caught off-guard are the most susceptible to falling victim.
In the full report, we outline a number of steps every organization can take to bolster their defenses against ransomware attacks and recover quickly in the event an attack does occur. These tactics include some of the following:
Update hardware and software regularly
Use complex passwords (or passphrases)
Use Multi-Factor Authentication to keep access secure
Backup files regularly
Encrypt sensitive data
Segment networks to prevent disruption
Don’t take phishing bait - avoid opening suspicious emails
Develop and test a response plan
Collaborate and share information with peer companies
The full list of these tips, along with the rest of our report and Q2 update, can be found here on our website.
We also have a cybersecurity guide for small and medium sized food and agriculture sector organizations, which details more low-cost, high-reward ways you can strengthen your team’s security against ransomware attacks and beyond. The guide is available for download here.
Σχόλια