Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend.
Crystal Valley is a farm supply and grain marketing cooperative serving farmers in Minnesota and northern Iowa.
Yesterday, Crystal Valley disclosed that their company was targeted with a ransomware attack on Sunday that led them to shut down IT systems, preventing payments using Visa, Mastercard, and Discover credit cards.
“On Sunday, September 19, Crystal Valley was alerted we had been targeted in a ransomware attack. This attack has infected the computer systems at Crystal Valley and severely interrupted the daily operations of the company,” disclosed Crystal Valley in a notice on their website.
“Crystal Valley and cyber security experts are working diligently to re-establish safe and secure operating systems, which will be back online when we are confident the issue has been resolved.”
At this time, it is not known what ransomware operation is behind the attack.
BleepingComputer contacted Crystal Valley yesterday about the attack but has not heard back.
If you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal at +16469613731, Wire at @lawrenceabrams-bc, or via XMPP at firstname.lastname@example.org.
Ransomware continues to attack critical infrastructure
The attack on Crystal Valley marks the second farming cooperative attacked over the past weekend.
On Monday, it was discovered that NEW Cooperative was targeted by BlackMatter ransomware, demanding a $5.9 million ransom not to leak data and provide a decryption key.
NEW Cooperative also works with farms in Iowa, but there is no indication that the attacks are related.
The US government classifies food and agriculture as critical infrastructure vital to the United States.
“There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof,” the CISA website explains about critical infrastructure.
After Colonial Pipeline was shut down by a DarkSide ransomware attack and meat producer JBS was attacked by REvil, President Biden warned Russia’s President Putin that critical infrastructure should be off limits for ransomware attacks.
President Biden also warned that if Russia did not crack down on cyber criminals operating within its borders, the US would take any necessary action to protect its interests.
However, there have been no signs of cooperation, and ransomware attacks against US organizations continue unabated.
Thx to DigitalEra Group for the tip!