NEW Cooperative Ransomware Attack: How it happened and what this means.
Over the weekend, NEW Cooperative Inc., a Fort Dodge, Iowa-based agricultural services firm, was crippled by a ransomware attack. The outside threat group BlackMatter has claimed responsibility for the attack and has demanded a ransom of $5.9 million to release the data it has locked. BlackMatter released additional information detailing that the ransom will double to $11.8 million if not paid within five days.
Reports from inside NEW Cooperative state that as soon as staff noticed the attack, they immediately took all systems offline to stifle the spread of the ransomware. A spokesperson from NEW added: “NEW Cooperative recently identified a cybersecurity incident that is impacting some of our company’s devices and systems. Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained.”
The spokesperson later said that the company has notified law enforcement and is working with CISA and data security experts to remediate the issue.
How did we get here?
Ransomware gangs have continued to put pressure on critical infrastructure around the world. They see these companies as very lucrative targets, given the public’s reliance on many of their outputs or products. What’s interesting about this case is that BlackMatter has previously stated that it will not target critical infrastructure facilities. Screenshots of the ransomware negotiation between BlackMatter and NEW show the cooperative asking why it was targeted, given that it is crucial to the nation’s food supply. BlackMatter replied, proclaiming, “You do not fall under the rules, everyone will only incur losses, everything is tied to the commerce, the critical ones mean the vital needs of a person, and you earn money.”
BlackMatter then attempted to further persuade NEW Cooperative to pay the ransom, stating, “Since everything is so serious with you, let’s come to an agreement quickly and solve everything quickly.”
What does this mean?
This attack calls into question the blurry lines some cybercriminal gangs operate along. If a company with direct ties to the United States’ food supply chain is not considered critical infrastructure, what is? NEW Cooperative later stressed to BlackMatter that the impact of this attack would be more significant than that of the Colonial Pipeline attack. With its systems offline, the cooperative will have no way to process orders or direct the distribution of feed and grain vital to farmers across the country.
NEW Cooperative has passed on a directive to all of its customers, assuring them that they will still get the feed needed for their animals while NEW’s systems are down. Farmers in Iowa reported that although the farming industry has adapted to many technological advances, this attack has forced them to use old-school methods like paper tickets to record the weight of a truck and the moisture in the grain.
What is the solution?
While cybersecurity directives from the White House help bring awareness to ransomware attacks and cybercrime, more has to be done. It is time for all organizations to talk about their security posture. These ransomware gangs have proven that no company is off-limits when it comes to their targets, and companies must defend themselves. The private and public sectors must test their disaster recovery plans immediately and review their ability to respond to cyberattacks.
How Can Netizen Help?
Netizen ensures that security gets built in and not bolted on. We provide advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service,” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact