FBI Warns: Ransomware Risk is High in This Unexpected Sector

May 05, 2022

Ransomware is the monster under the bed for IT teams, a potentially devastating possibility that’s always lurking in the background. New research shows that it’s become a monster that haunts more and more IT teams every year. Over 60% of organizations in a recent survey said that they experienced a ransomware attack in 2021, up from 37% in 2020. As the favored tool of bad guys ranging from greedy cybercriminals to nation-state threat actors, this devastating cyberattack is a menace to businesses of every size, in every industry, even some that may not be expecting it. 

See 10 reasons why Graphus is better than other email security solutions. SEE THE LIST>>

One Successful Attack Has Big Ripple Effect

A recent Private Industry Notification released by the U.S. Federal Bureau of Investigation (FBI) warns that organizations in an unexpected sector should be especially vigilant about watching out for ransomware threats right now: agriculture. The alert cautions that ransomware actors may be more likely to attack agricultural cooperatives now because it’s planting season in the U.S., and cybercriminals believe that companies are likely to pay the ransom rather than risk that important window. FBI analysts say that critical planting and harvest seasons are attractive times for ransomware gangs to strike, disrupting operations, causing financial loss and negatively impacting the food supply chain.  

Explaining how attacks against agricultural targets could disrupt the food supply, the FBI detailed the ripple effect that attacks against agricultural targets may have, noting “A significant disruption of grain production could impact the entire food chain, since grain is not only consumed by humans but also used for animal feed. In addition, a significant disruption of grain and corn production could impact commodities trading and stocks. An attack that disrupts processing at a protein or dairy facility can quickly result in spoiled products and have cascading effects down to the farm level as animals cannot be processed.” 

AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>

The Bad Guys Are Hard at Work

In this alert, the FBI disclosed that it has recorded ransomware attacks during the last two seasons against numerous agricultural resources, including attacks against six grain cooperatives during the fall 2021 harvest and two attacks in early 2022. The 2022 attacks were pointed out as especially dangerous right now because they could impact the planting season by disrupting the supply of seeds and fertilizer. This was accompanied by a warning that malicious cyber actors may also perceive agricultural cooperatives as lucrative targets for ransomware and other cyberattacks because they may be likely to pay ransoms due to the time-sensitive role they play in agricultural production.  

These examples were offered to illustrate the increasingly stormy threat atmosphere that the Food & Agriculture sector faces. 

  • March 2022: A multi-state grain company falls victim to a Lockbit 2.0 ransomware attack. In addition to grain processing, the company provides critically needed services during the planting season including seed, fertilizer and logistics. 
  • February 2022: A company providing feed milling and other agricultural services reported not one but two incidents during which an unauthorized actor gained access to some of its systems and used that access to attempt a ransomware attack. Those attacks were detected and stopped before encryption occurred.   
  • September – October 2021: Six grain cooperatives experienced ransomware attacks including New Cooperative & Crystal Valley Cooperative. Attackers used a variety of ransomware variants like Conti, BlackMatter, Suncrypt, Sodinokibi, and BlackByte. New Cooperative and Crystal Valley Cooperative were both hit by BlackMatter. Some cooperatives were crippled, halting operations during the critical harvest season.   

The road to security success begins with 5 Steps to Ransomware Readiness! GET IT>>

Ransomware Endangers Critical Infrastructure

In the 2021 report from U.S. Federal Bureau of Investigation Internet Crime Complaint Center (FBI IC3), analysts noted 52 ransomware attacks against the Food and Agriculture sector last year. Food and Agriculture is one of 16 critical infrastructure sectors designated by The U.S. Cybersecurity & Infrastructure Security Agency (CISA). IC3 also reported that 14 of those 16 critical infrastructure sectors were hit with ransomware attacks in 2021. Agriculture was the seventh most attacked critical infrastructure sector in the U.S. in 2021. The sectors that faced the most ransomware attacks were Healthcare & Public Health (148), Financial Services (89) and Information Technology (74). 

Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>

Stopping Ransomware Starts with Stopping Phishing

By far, the most common way for ransomware to take root in an organization’s environment is through phishing, and employees have an unfortunate tendency to fall for phishing messages. About 60% of employees in a study said that they have opened emails they weren’t fully confident were safe. Employees don’t just stop at opening them either. They also interact with suspicious messages at an alarming rate. One in three employees are likely to click the links in phishing emails, and one in eight employees are likely to share information requested in a phishing email. This makes it easy for ransomware gangs to persuade employees to visit a poisoned URL or hand over their passwords to allow bad actors to go right through your defenses. 

The top data breach threat for three consecutive years, phishing is a plague on organizations. While not all ransomware infections start with phishing, almost half do. That makes the prevention of phishing the best way to prevent ransomware. Complicating the picture, consistently rising email volumes from remote work and shifts to more cloud-based operations for businesses give cybercriminals more chances to get phishing messages that carry ransomware into employee inboxes. It’s clear that protecting organizations from threats like ransomware starts with protecting them from phishing.

See how to avoid cybercriminal sharks in Phishing 101. DOWNLOAD IT>>

Graphus Catches More Phishing Messages

In this dangerous world, every organization needs powerful email security that can stand up to the test of combatting today’s sophisticated threats without a high price tag. Graphus answers that call.    

  • Put 3 layers of protection between employees and dangerous phishing messages   
  • Automated email solutions like Graphus catch 40% more malicious messages than conventional solutions or a SEG.   
  • Cloud-native security harnesses machine learning to inform AI using a patented algorithm.  
  • Rely on real analysis, not just a problematic safe sender list. 
  • AI and machine learning ensure that you’re not waiting on threat reports or patches to be protected from new threats.  
  • No delay in incoming or outgoing communications.    
  • Using more than 50 points of comparison when adjudicating messages enables Graphus to sniff out targeted spear phishing, ransomware, zero-day attacks and other complex threats.   

Stop phishing immediately with Graphus – the most simple, automated and affordable phishing defense available today. Contact one of our solutions specialists today 

Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus