U.S. Farm Cooperative Takes Systems Offline After Ransomware Attack Linked To Russian Hackers

A ransomware attack believed to be the work of Russian hackers has forced an association of corn and soy farmers based in the U.S. state of Iowa to take its systems offline.

New Cooperative said in a statement that the attack was “successfully contained” and that it had quickly notified law enforcement.

The statement said the association took its systems offline out of “an abundance of caution” and was working with data security professionals to remedy the situation. It did not specify when the ransomware attack occurred.

The cooperative has created workarounds to receive grain and distribute feed, according to news reports on September 21 quoting people close to the business.

The hackers demanded a $5.9 million ransom for a key to decrypt files they scrambled, according to security researcher Allan Liska of Recorded Future.

New Cooperative stores and sells the grain it collects from farmers and offers feed for chickens, hogs, and cattle along with fertilizer, crop protection, and seed.

The attack on its systems follows ransomware attacks earlier this year that targeted targeted companies and critical infrastructure, including a major U.S. pipeline and a meatpacker. There was also an attack on the software firm Kaseya that impacted some 1,500 businesses.

The attack on New Cooperative, which is believed to have been launched last week just as Iowa's corn and soy harvesting got under way, has been attributed to a group called BlackMatter.

BlackMatter has threatened to publish 1 terabyte of data it claims to have stolen from New Cooperative if its ransom demand is not paid by September 25.

The data includes invoices, research and development documents, and the source code to the cooperative’s soil-mapping technology, according to cybersecurity experts quoted by The Washington Post.

Security researchers believe BlackMatter may be a reconstituted version of the ransomware syndicate DarkSide, another operation believed to be tied to Russia, that disrupted Colonial Pipeline in May and then disbanded.

That ransomware attack disrupted fuel service for six days to the U.S. East Coast, and Colonial Pipeline officials eventually paid a $4.4 million ransom. Federal law enforcement officials were able to get a portion of the ransom back and sideline much of DarkSide’s infrastructure.

But experts cautioned at the time that the hackers would probably reemerge.

REvil, another Russian-based cybercrime operation, carried out a ransomware attack in June on JBS, the world's largest meat producer. The company eventually paid an $11 million ransom. In July, REvil claimed responsibility for the attack on the U.S. company Kaseya.

After the attack on Kaseya, President Joe Biden repeated a warning to Russian President Vladimir Putin that the United States would take "any necessary action" to defend Americans and critical infrastructure threatened by cyberattacks.

Biden had previously warned Putin about ransomware attacks during the two leaders’ summit in June.

The United States is also moving to cut off the flow of money by sanctioning cryptocurrency exchanges that facilitate the ransom payments.

On September 21, the Treasury Department imposed sanctions on a Russian-based cryptocurrency exchange over its alleged role in facilitating the payments.

With reporting by Reuters and the Washington Post

Radio Free Europe

RFE/RL journalists report the news in 22 countries where a free press is banned by the government or not fully established, including Iran, Afghanistan, Pakistan, and Russia.

https://www.rferl.org/

Related news
Uzbekistan Holds Presidential Election

Uzbekistan Holds Presidential Election

More than 20 million people in Uzbekistan are eligible to vote in a presidential election, in which incumbent President Shavkat Mirziyoev is widely expected to win a second term of office given the absence of opposition candidates. The vote on Oct...

Radio Free Europe

Alec Baldwin shot loaded gun handed to him by assistant director who 'declared it safe'.

Alec Baldwin shot loaded gun handed to him by assistant director who 'declared it safe'.

THE gun Alec Baldwin fired in the fatal shooting on the Rust movie set was handed to the actor loaded with a live round, according to a warrant from the ongoing police investigation. The warrant says that an assistant director handed the gun to th...

Sunshine state supply chain solution: Florida opens ports for backlogged cargo ships.

Sunshine state supply chain solution: Florida opens ports for backlogged cargo ships.

Florida Ports council president Michael Rubin explains how the state is opening its waterways to ease supply chain woes #foxnews Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX News Channel (FNC) is a 24-hour all...

1 410

Lower league football clubs could take part in drinking trial.

Lower league football clubs could take part in drinking trial.

Lower league football fans could be allowed to drink alcohol in the stands in the future if a trial is approved in League Two. There is a growing campaign to allow fans to drink alcohol while watching the game, bringing the same freedoms that supp...

Sen. Braun welcomes unvaccinated Chicago police to Indiana: ‘You deserve respect’

Sen. Braun welcomes unvaccinated Chicago police to Indiana: ‘You deserve respect’

Sen. Mike Braun, R-Ind., joins ‘Fox & Friends Weekend’ to discuss Chicago Mayor Lightfoot’s coronavirus vaccine mandates. #FoxNews Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX News Channel (FNC) is a 24-hour a...

Heavy Rains Wash Away Furniture, Flood Cars in Spain.

Heavy Rains Wash Away Furniture, Flood Cars in Spain.

️ Heavy rains caused flash flooding Friday in the eastern Spanish region of Alicante, severely damaging homes and businesses. Rainfall of up to 100 liters per square meter fell in the town of Torrevieja, leading to the closure of a primary school....

1 14

CNN reporter confronts parents at school spreading bogus vaccine claims.

CNN reporter confronts parents at school spreading bogus vaccine claims.

Centner Academy, a private school in Miami, Florida, is spreading bogus claims about the Covid-19 vaccines and ordering students who get the shot to stay home for 30 days. CNN's Gary Tuchman has more.

1 166