Hot on the heels of an FBI alert warning farmers to be on the lookout for ransomware attacks while planting and harvesting, a new cybersecurity program from the University of Nebraska is being touted as a key defense.

University researchers and federal authorities note worst-case scenarios such as takeovers of large equipment carrying dangerous chemicals endangering nearby towns and villages or attacks on grain operations where poisons endanger humans and animals.

To stop these attacks before they start, NU has developed plans to reduce testing of complex agricultural systems and machinery to detect vulnerable areas.

According to the FBI, in the past two years alone, there have been four major ransomware attacks against six grain cooperatives, with some of the six forced to shut down production for an indefinite period.

  • In March 2022, a multi-state grain company suffered a Lockbit 2.0 ransomware attack. In addition to grain processing, the company provides seed, fertilizer and logistics services, which are essential during the spring planting season.
  • In February 2022, a company providing animal feed and other agricultural services reported two instances in which an unauthorized actor gained access to some of its systems and possibly attempted to launch a ransomware attack. Attempts were detected and stopped before encryption.
  • Between September 15 and October 6, 2021, six grain cooperatives suffered ransomware attacks. Various ransomware variants have been used, including Conti, BlackMatter, Suncrypt, Sodinokibi, and BlackByte. Some targeted entities had to completely halt production while others lost administrative functions.
  • In July 2021, a business management software company discovered malicious activity on its network, which was later identified as HelloKitty/Five Hands ransomware. The menacing actor demanded a $30 million ransom. The ransomware attack on the company led to secondary ransomware infections among a number of its customers, including several agricultural cooperatives.