167 Ransomware Attacks: US Agriculture Under Siege

In 2023, the United States food and agriculture sector encountered no fewer than 167 ransomware attacks, ranking it as the seventh most vulnerable among all industries in the country, according to the inaugural annual report from the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC).

The same report indicates that approximately 40 attacks were recorded in the first quarter of 2024. Although this represents a slight decrease from the previous year, it remains a significant figure.

Major food companies, including Dole, Sysco, and Mondelez, have also been targeted by cyber incidents. Jonathan Braily, director of Food and Ag-ISAC, notes that ransomware groups readily target organizations that are particularly susceptible to breaches, and unfortunately, this sector fits that description due to its lack of prioritization on cybersecurity.

In 2023, the ransomware groups LockBit and BlackCat were the most prolific attackers against the food sector, with the former launching 40 attacks and the latter 15. As of early 2024, the most active group has been Play, which has claimed responsibility for 5 attacks.

Such attacks can disrupt production processes, such as in seed manufacturing, potentially causing delays in planting or harvesting. In the event of severe attacks, products may need to be redirected to other regions with active agricultural seasons, though this is a highly costly process.

Congress is taking steps to bolster the sector’s defenses, including the development of specific legislation to strengthen the sector’s digital defenses, as well as establishing a dedicated center within the National Telecommunications and Information Administration to assist agricultural producers in securing their technologies.