Home   Ag Industry News

Federal agencies issue ransomware alert related to ag

Federal agencies issue ransomware alert related to ag

BlackMatter has targeted multiple industries since July

By Diego Flammini
Staff Writer

Federal agencies have officially linked cyberattacks on the U.S. ag sector to a group with Russian ties.

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and National Security Agency (NSA) issued an alert about the hacker group BlackMatter and their roles in recent cyberattacks in the U.S.

“Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture sector organizations,” the Oct. 18 document says.

BlackMatter’s ransoms demands have ranged anywhere between $80,000 to $15,000,000 in Monero and Bitcoiin.

One of those attacks affected New Cooperative Inc., out of Fort Dodge, Iowa.

BlackMatter compromised about 1,000 gigabytes of the organization’s data in September and demanded a $5.9 million ransom before returning access.

The company refused to pay the ransom, the Associated Press reported on Sept. 24.

Cybersecurity sources and other news outlets suggested BlackMatter conducted the attacks, but the U.S. report confirms the group’s involvement.

The group attacked another co-op in Minnesota days after the Iowa incident.

Crystal Valley informed its members and customers on Sept. 21 that two days earlier it had been the victim of a cyberattack.

“This attack has infected the computer systems at Crystal Valley and severely interrupted the daily operations of the company,” the co-op said in a Sept. 21 statement.

And since the federal agencies released the alert, the U.S. agri-food sector suffered another cyberattack.

On Oct. 20, Ferrara Candy, a Chicago-based company known for making Nerds, Red Hots and other candies, revealed that on Oct. 9 hackers demanded payment.

“Upon discovery, we immediately responded to secure all systems and commence an investigation into the nature and scope of this incident,” Ferrara said in a statement to ZDNet.

The company has since resumed production. Whether the company paid the ransom and who is responsible for the attack remains unknown.

CISA, the FBI and NSA provided tips and resources for users to use to protect themselves from any ransomware incidents.

These include two detection signatures available in the document.

“These signatures will identify and block placement of the ransom note on the first share that is encrypted, subsequently blocking additional (Sever Message Block) traffic from the encryptor system for 24 hours,” the agencies wrote. has contacted cybersecurity experts about why hackers are targeting the U.S. ag sector.

Visit to learn more about professional managed IT services that can help protect your agribusiness from cyberattacks and other digital security threats.

Trending Video

Managing Your Farm Business with Evan Shout – Part 1

Video: Managing Your Farm Business with Evan Shout – Part 1

In this three-video series, Evan Shout, President of Maverick Ag Ltd, provides business management tips and tricks to help take your operation to the next level. In part one, Evan shares the biggest mistake that farm operators make when evaluating decisions and the benefits of knowing your accrual basis accounting number


Your email address will not be published