Crystal Valley Cooperative becomes latest agriculture business hit with ransomware
Minnesota-based farm supply and grain marketing cooperative Crystal Valley has become the latest agriculture business hit with a ransomware attack.
The company released a statement on its website Tuesday afternoon, but the website is currently down as of Wednesday.
On Facebook, Crystal Valley Cooperative confirmed that it had been hit with a ransomware attack on Sunday, September 19.
“The attack has infected our computer systems and interrupted the daily operations of our company. Due to this computer breach, all systems of the Mankato-based cooperative have been shut down until they can be restored safely and securely,” the company said.
“Due to this, we are unable to accept Visa, Mastercard, and Discover cards at our cardtrols until further notice. Local cards do work. As we continue to navigate through this with the help of experts, we appreciate your patience and understanding. We will continue to update with information as it becomes available.”
In messages to ZDNet, a spokesperson for the company confirmed that their phone system is also down.
Based in Mankato, Minnesota, Crystal Valley Cooperative is a local full-service agricultural cooperative focused on helping crop farmers and livestock producers in southern Minnesota and northern Iowa.
The Free Press in Minnesota reported that the company works with 2,500 farmers and livestock producers while employing 260 full-time workers.
CEO Roger Kielholz told the newspaper that the company is “working diligently with our internal IT team along with multiple outside technology vendors to restore our data and return to full-service operation in a matter of days, especially now with fall harvest getting underway.”
The ransomware attack is the second in the last week targeting an agriculture cooperative. Iowa-based farm service provider NEW Cooperative was hit with a ransomware attack last week. The BlackMatter ransomware group took credit for the attack and was demanding a $5.9 million ransom.
In that case, many observers noted what Kielholz mentioned in his statement: that this was a particularly bad time for a cyberattack considering this is when harvests begin to ramp up for farmers.
Earlier this month, the FBI released a notice warning companies in the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains.
“Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information and may suffer reputational damage resulting from a ransomware attack,” the FBI said.
The notice goes on to list multiple attacks on the food and agriculture sector since November, including a Sodinokibi/REvil ransomware attack on a US bakery company, the attack on global meat processor JBS in May, a March 2021 attack on a US beverage company and a January attack on a US farm that caused losses of approximately $9 million.
JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries. In November, the FBI also cited an attack on a US-based international food and agriculture business that was hit with a $40 million ransom demand from the OnePercent Group.