28th September 2021, Kathmandu
The Biden administration is trying to investigate ransomware attacks, attackers are targeting the critical infrastructures in the country. The farm services provider is the latest victim of ransomware attacks. The Iowa-based company reported that a security incident paralyzed its operations, affecting several U.S. farming chains that began to harvest.
“Our systems are made offline, and we can confirm it has been successfully effected. We notified the law enforcement and they are investigating with data security experts to investigate and remediate the situation,” the company said in a media statement.
NEW Cooperative provides services such as fertilizers, feeds, seed resources, technology platforms, grains, and crop protection services to several farming cooperatives across the north, central, and western Iowa.
Ransomware Risks to Agriculture Sector
Ransomware attacks are increasing and targeting critical infrastructure to disrupt essential services. The ransomware attack has affected the operations of various grain storage elevators operated by NEW Cooperative. The farmers are facing problems and damages as many farmers had started their farming work.
The food supply chain in the country may be disturbed unless the new cooperative systems go online.
BlackMatter’s Involvement?
While the new Cooperative didn’t uncover the attackers of the cyberattack, various security experts linked the attack to the infamous ransomware attack group BlackMatter. Reports show that BlackMatter gained access and infected NEW’s network systems and demanded a ransom of $5.9 million to restore the affected systems. BlackMatter is a new ransomware-as-a-service group suspected to be a successor of the infamous DarkSide ransomware group that went underground after the attack on Colonial Pipeline.
Negotiations with BlackMatter
As per leaked private negotiation chats between the NEW officials and the BlackMatter group, the attackers refused to decrypt the affected systems replying that the new Cooperative doesn’t come under critical infrastructure.
Recently, the BlackMatter group said that they don’t attack critical infrastructures such as the defense industry, nuclear power plants, water treatment facilities, the oil and gas industry, non-profit organizations, and government agencies. They further said that if a victim is from the sectors above, they decrypt their files for free.