Farms.com Home   Ag Industry News

Federal agencies issue ransomware alert related to ag

Federal agencies issue ransomware alert related to ag

BlackMatter has targeted multiple industries since July

By Diego Flammini
Staff Writer
Farms.com

Federal agencies have officially linked cyberattacks on the U.S. ag sector to a group with Russian ties.

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and National Security Agency (NSA) issued an alert about the hacker group BlackMatter and their roles in recent cyberattacks in the U.S.

“Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture sector organizations,” the Oct. 18 document says.

BlackMatter’s ransoms demands have ranged anywhere between $80,000 to $15,000,000 in Monero and Bitcoiin.

One of those attacks affected New Cooperative Inc., out of Fort Dodge, Iowa.

BlackMatter compromised about 1,000 gigabytes of the organization’s data in September and demanded a $5.9 million ransom before returning access.

The company refused to pay the ransom, the Associated Press reported on Sept. 24.

Cybersecurity sources and other news outlets suggested BlackMatter conducted the attacks, but the U.S. report confirms the group’s involvement.

The group attacked another co-op in Minnesota days after the Iowa incident.

Crystal Valley informed its members and customers on Sept. 21 that two days earlier it had been the victim of a cyberattack.

“This attack has infected the computer systems at Crystal Valley and severely interrupted the daily operations of the company,” the co-op said in a Sept. 21 statement.

And since the federal agencies released the alert, the U.S. agri-food sector suffered another cyberattack.

On Oct. 20, Ferrara Candy, a Chicago-based company known for making Nerds, Red Hots and other candies, revealed that on Oct. 9 hackers demanded payment.

“Upon discovery, we immediately responded to secure all systems and commence an investigation into the nature and scope of this incident,” Ferrara said in a statement to ZDNet.

The company has since resumed production. Whether the company paid the ransom and who is responsible for the attack remains unknown.

CISA, the FBI and NSA provided tips and resources for users to use to protect themselves from any ransomware incidents.

These include two detection signatures available in the document.

“These signatures will identify and block placement of the ransom note on the first share that is encrypted, subsequently blocking additional (Sever Message Block) traffic from the encryptor system for 24 hours,” the agencies wrote.

Farms.com has contacted cybersecurity experts about why hackers are targeting the U.S. ag sector.

Visit VLinteractive.com to learn more about professional managed IT services that can help protect your agribusiness from cyberattacks and other digital security threats.


Trending Video

EveryPig: AI, Collaboration & Data Integration Shaping Swine Production | Brian Doyle | WPX 2026

Video: EveryPig: AI, Collaboration & Data Integration Shaping Swine Production | Brian Doyle | WPX 2026

What are the biggest technology trends emerging at the 2026 World Pork Expo?

Brian Doyle of EveryPig shares his early observations from the show floor, highlighting strong attendance, increased collaboration between technology providers, and the growing role of artificial intelligence in modern pork production.

Doyle discusses how better data integration between systems can create a single source of truth for producers, while AI-powered tools and intelligent agents help automate routine tasks, analyze large volumes of production data, and turn information into actionable insights that improve decision-making.

Topics Covered:

Artificial Intelligence (AI) in pork production

Data integration and interoperability

Technology collaboration

Digital farm management

Automation and intelligent agents

World Pork Expo 2026

Recorded at the 2026 World Pork Expo.