Ransomware strike targets U.S. agriculture industry, White House quietly responds
An industry marked “off-limits” to Russian hackers by President Biden was hit by a ransomware attack earlier this week when the operations of two agricultural co-ops in Iowa and Minnesota were disrupted.
During a June meeting with Russian President Vladimir Putin, Biden warned the Kremlin that cyber attacks against 16 American industries – including agriculture – would not be tolerated.
The president said it was an effort to establish a “cybersecurity deal” and restore “order” after America’s largest fuel pipeline and a major meat-packing company were shut down by ransomware programs.
$ 5.9M RANOMWARE ATTACK ON LARGE AGRICULTURAL GROUP POSES RISK FOR US GRAIN, PORK AND CHICKEN SUPPLY
Minnesota-based Crystal Valley agricultural supply and grain marketing cooperative on Sunday was hit by a ransomware attack that “infected the computer system” and “severely disrupted the daily operations of the company.” the group said in a statement.
The co-op did not respond to questions from Fox News about the ransom amount or who is believed to be behind the latest attack.
But the next day, reports surfaced showing that another attack was carried out on an Iowa-based agricultural cooperative, NEW Cooperative, by hackers demanding a payment of $ 5.9 million in cryptocurrency in exchange of renewed access to its food supply chains.
NEW Cooperative did not respond to a Fox News interview request. But according to the Wall Street Journal, Russian cybercrime group BlackMatter is behind the attack.
In a screenshot Per Dark Feed, the group appeared to mock NEW Cooperative by suggesting that they did not fall under the “critical” infrastructure described by Biden.
The farm group warned the cybercrime group in an online chat that it was attacking the agriculture industry and could face serious consequences from the US government, Recorded Future explained in a report. Tweeter.
Despite reports that BlackMatter was negotiating with the Iowa Co-op, a spokesperson for the National Security Council (NSC) told Fox News that the US government has not officially attributed the attacks to a specific group.
“That being said, we are bringing the full weight of the US government’s ability to disrupt the ransomware networks and the facilitators behind this disruptive activity,” the spokesperson added. “We are leading a whole-of-government effort on ransomware to address the increased threat of ransomware. “
The NSC spokesperson said the US government was working to disrupt ransomware infrastructure and actors, as well as working with private entities to modernize defenses.
But the former chief of the CIA station in Moscow, Daniel Hoffman, argued that not enough was done in terms of deterrence.
“What we do know is that we have been hit by another attack,” he said. “This means that we did not dissuade them. Russia is allowing these BlackMatter and Revil groups… to settle in their territory.
“This administration has to deter Russia and the way you do it is to counter them,” he added. “Go tell the Russians if you can’t stop them, we’ll stop them instead, then take action against them.”
TREASURE TO SANCTION THE SUEX VIRTUAL CURRENCY EXCHANGE ON RANSOMWARE TRANSACTIONS
On Tuesday, the Treasury Department announced it would impose sanctions on the Suex OTC, SRO virtual currency exchange after determining its involvement in facilitating illicit transfers for at least eight ransomware groups.
According to Chainalysis, who allegedly assisted the United States in its investigation of the Russia-based broker, Suex received “over $ 160 million from ransomware players, crooks and darknet market operators.”
The company discovered that Suex had raised $ 13 million from ransomware operators like Ryuk and Maze, both linked by the US government to Russian-based crime groups.
Assistant Treasury Secretary Wally Adeyemo said the sanctions were part of the administration’s whole-of-government effort to tackle cybercrime and that they would work to “destroy and deter these criminals by attacking them. financial facilitators “.
Hoffman argued that Biden should take a more aggressive approach to deter cybercriminals and pointed to the 2018 attack on Russian troll farm, the Internet Research Agency, by the Trump administration.
“Now they might not want to go to war with these pirates because the pirates will retaliate and hit us,” he said.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
But the former head of the CIA station in Moscow said the administration needed to take a more offensive stance and stop “defending us at the point of attack.”
“You must also go on the offensive – as President Bush liked to say about terrorists, you must lead the fight against the enemy,” he added.
Brooke Singman contributed to this report.