The industries experienced more than 160 attacks last year
By Diego Flammini
Staff Writer
Farms.com
A new report is highlighting how cybercriminals targeted the U.S. food and ag industries in 2023.
The Food and Agriculture-Information Sharing and Analysis Center’s (Food and Ag-ISAC) first annual Ransomware Report indicates out of the 2,905 ransomware incidents it counted in 2023, about 5.5 percent, or around 167 of them, affected U.S. ag and food.
“This made organizations in the sector the 7th most targeted industry vertical last year,” the report says.
For comparison, the critical manufacturing and financial services sectors experienced the most cyberattacks with 15.5 percent and 12.4 percent of the total, respectively.
In 2023, the months of February, March and September are tied for the highest number of cyberattacks with 18.
In February, for example hackers targeted Dole plc, forcing the company to halt production North America.
And in June, Mondelez, the cookie and candy manufacturer, warned 51,000 past and present employees that hackers stole their personal information from a law firm.
The report also includes data for the first quarter of 2024. The Food and Ag-ISAC counted 572 ransomware incidents with 40 targeting food and ag.
The organization’s report also identifies which groups were responsible for the attacks on U.S. ag in 2023.
Criminal group Lockbit, for example, carried out 40 attacks on the American agriculture and food sectors.
It’s unclear what incidents they were responsible for in 2023, but in January 2024 the group claimed responsibility for a data breach affecting Subway.
“We exfiltrated their SUBS internal system which includes hundreds of gigabytes of data and all financial [aspects] of the franchise, including employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers etc,” the group said according to Techerati, a business and tech news publication.
In total, among all cyberattacks, criminals collected more than $1 billion in payments from victims.
The Food and Ag-ISAC’s report illustrates the need to continue to protect sensitive digital data.
“Despite successful disruptions of global threat actor groups and their operations by law enforcement, cyber attackers often operate in countries that turn a blind eye to their efforts. As long as ransomware remains low-risk, high-reward for attackers, ransomware attacks will continue,” Jonathan Barley, the Food and Ag-ISAC’s director, said in a statement.
In May 2023, Farms.com spoke with John So, an IT manager with VL Interactive, about the most common way hackers gain access to sensitive information, and what people can do to protect themselves and their data.
The first thing to realize, he said, is to understand that simply using the internet means there’s a data risk.
“Pretty much anything that’s connected to the internet is at risk of being hacked. This includes mobile phones,” he told Farms.com. “It doesn’t matter if you’re a small or large business, hackers just want to see how much they can exploit from you.”