BlackMatter Hits Grain Cooperative With Ransomware Attack (bloomberg.com) 25
Iowa-based grain cooperative New Cooperative was struck by ransomware in recent days and has shut down its computer systems as it tries to mitigate the attack. From a report: The attack occurred on or around Friday, according to Allan Liska, senior threat analyst at the cybersecurity firm Recorded Future. The ransomware gang, which goes by the name BlackMatter, is demanding a $5.9 million ransom, Liska said. New Cooperative confirmed that they had been attacked and said they had contacted law enforcement and were working with data security experts to investigate and remediate the situation.
"New Cooperative recently identified a cybersecurity incident that is impacting some of our company's devices and systems," according to a statement from the cooperative. "Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained." New Cooperative has communicated with its feed customers and is working to create workarounds to get feed to animals while its systems are down, a person familiar with the matter said.
"New Cooperative recently identified a cybersecurity incident that is impacting some of our company's devices and systems," according to a statement from the cooperative. "Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained." New Cooperative has communicated with its feed customers and is working to create workarounds to get feed to animals while its systems are down, a person familiar with the matter said.
Act of War (Score:2)
If this group is state sponsored, then I'm not any happier than anyone else is about the implications and repercussions of it, but an attack on our food supply is clearly a damned act of war.
Not so fast [Re:Act of War] (Score:1)
Yes, but declaring war with Russia, China, and other despots will just make a big mess for everyone.
We can sanction China more, but it risks yet more supply problems when we already have supply problems.
We're stuck in a cold-war. Hacking back is probably the only practical punishment: they F with our commerce, we F back.
We can't win real wars anymore anyhow. Those addicted to despots can't kick the habit. Thus, either we commit genocide and wipe them all out, or get stuck in a never-ending civil war.
Re: (Score:2)
Like I said, I'm not happy about the implications, but, none of our other cold/proxy wars that I'm aware of have involved disruptions to our -domestic- food supply and the possibility of some of our people being unable to eat*. At the risk of using what might seem like nationalistic rhetoric, it's an attack on our homeland.
*And yes, I'm aware that our own economic system already precludes some of our people getting enough nutritious food to eat, and that's wrong and should be corrected - but it's also not a
Re: (Score:1)
Suppose 2000 froze to death in the winter due to such hacking and we find out Russia did it. What would you do?
Re: (Score:2)
I keed, I keed. Track them down, and let a few of them have some "accidents" like falling into traffic after hitting themselves with a wrench. No, technically speaking that's not legal but you'd have to admit to shenanigans to prove it anyway.
So many victims (Score:2)
Also, a sizeable VoIP service provider was hit over the weekend. VoIP.Ms and upstream providers were DDoS'ed as part of the fun. But initiated from the inside via ransomware.
Still around? (Score:2)
How? (Score:3, Insightful)
Naive question here: At this point in the game, how are ransomware attacks still a thing? What IT department hasn't heard of them? Why can't they just roll back to a backup, lose a couple days of data, and move on?
I know it's not really that easy, but surely it would be less than $5 million, no?
Re: (Score:3)
Re: (Score:3)
Naive question here: At this point in the game, how are ransomware attacks still a thing? What IT department hasn't heard of them? Why can't they just roll back to a backup, lose a couple days of data, and move on?
I know it's not really that easy, but surely it would be less than $5 million, no?
A number of reasons...
1. Sometimes management is incompetent. "Why would we spend money on something we never use?!" "Can't you make do with what we have?" "Why do we need more storage for backup systems?" ...Managers determined not to spend money will find no shortage of reasons why good backup systems aren't worth their price.
1a. Lots of businesses are in a bad spot right now. One client at work has some very old computers they *know* they need to replace, but the pandemic utterly decimated them and they
Re: (Score:2)
Hey thank you for taking the time for this very thorough reply. It's why I love /.
Not Just Backups (Score:2)
It's not just a matter of restoring backups. Current ransomware attacks often exfiltrate sensitive data which is also held for ransom (under threat of releasing to competitors or to the public).
FTA:
According to a post on BlackMatter’s website, the ransomware group has stolen New Cooperative’s financial information, human resources data, research and development information and source code for its “SoilMap” product, a technology platform for agricultural producers.
Re: (Score:2)
Also, it isn't a matter of restoring backups, because the Ransomware often resides on the backups. Often for six months or longer. That way, the backups CANNOT be restored.
Data itself needs its own backup, Not just a network copy of a system state. Programmers are going to have to figure out how to protect data without using nominal backup methodology.
Re: (Score:2)
I see so many garbage IT environments where the top 5 IT priorities are "save money". I've come to expect that any business with less than about 50 people and often much larger companies.
Nobody in the company really understands any of it most of the time. They rely on MSPs or low budget tech staff with weak backgrounds. The MSPs just triage everything, knowing that pushing for spending gets them canned.
I don't have a solution for you. And the larger problem is that the IT industry doesn't want to solve
Who attacks a cooperative? (Score:2)
Who attacks a cooperative? Honestly!
Re: (Score:2)
Bad people who are trying to disrupt a country and are having a go at a smallish part of it first? See also; that pipeline payment system before.
Re: (Score:2)
Well if that's the case they should be going for our centrifuges.
Re: (Score:2)
You could just hang your clothes out to dry.
Off-Limits (Score:1)
In July, President Joe Biden presented Russian President Vladimir Putin with a list of 16 critical infrastructure sectors that should be off-limits to ransomware groups. The list included the “food and agriculture sector.” “Certain critical infrastructures should be off-limits to attack, period, by cyber or any other means,” Biden said. “I gave them a list, 16 specific entities defined as critical infrastructure under U.S. policy, from the energy sector to water systems.”
Shouldn't Biden be telling Putin that all US companies are off-limits? He's basically asking for an agreement that treats criminal activity as OK except in a few particular sectors.
I support #BlackMatter (Score:2)
Yeah! Glad to hear that this movement is back.
Letâ(TM)s end police brutality in my north European village before it even starts.
And down with #AllMatter
*raises fist in the air*
Don't mention MICROS~1 (Score:4, Insightful)
Re: (Score:2)