Expert: Farm co-op ransomware attack shows how hacks could impact food supply
An Iowa State University cybersecurity expert said the recent ransomware attack on an Iowa farm cooperative shows the importance of developing backup plans and the risks cyberattacks can have on our food supply and other pieces of critical infrastructure.
The Fort Dodge-based NEW Cooperative, a cooperative Iowa corn and soy farmers, suffered the attack this week, just as the harvest begins.
A security researcher said the criminals, connected to the Russia-linked Blackmatter gang, had demanded $5.9 million from the company.
The company created workarounds to receive grain and distribute feed, something Doug Jacobson, the director of Iowa State's Information Assurance Center and a professor at the university, said is a positive takeaway. He said organizations need to have a plan in place for how to respond to cyberattacks, which it appears the cooperative did.
"The companies need to go into the assumption, play the what-if game," Jacobson said. "What if this happened to us? What has to come back alive and how are we going to make that happen? If it's bringing out note cards and number two pencils and clipboards, then that's what it is. It may be being able to run things manually."
Jacobson said the attack shows the potentially serious disruptions ransomware attacks can have on the nation's food supply. Earlier in the summer, for instance, a cyberattack crippled meat processor JBS, resulting in production stoppages at some of its Iowa plants.
Jacobson said food production and other pieces of critical infrastructure are prime targets for nefarious actors.
"The attackers want to go after things that you need to have back immediately," he said. "Their goal is to find things that you lose a lot of money every minute you're offline and so that increases your probability of paying the ransom."
NEW Cooperative has not said whether it paid the ransom.
KCCI contacted the company Tuesday seeking comment and has not received a response.