(Reuters) -Iowa-based provider of agricultural services NEW Cooperative Inc. said on Monday that their system was offline to contain a "cybersecurity" incident just like the US agricultural belt ready for harvest.
The cooperative operates grain storage elevators in the highest US corn-producing state, buys crops from farmers, sells fertilizers and other chemicals needed to grow crops, and owns technical platforms for farmers that provide agronomic advice on how to maximize their harvests.
"We have proactively taken our systems offline to contain the threat, and we can confirm that it has managed to contain," NEW Cooperative said in a statement. "We also promptly announced law enforcement and are working closely with computer security experts to investigate and remedy the situation."
Several grain elevators operated by the NEW Cooperative contacted by Reuters were open.
The timing of the attack makes it crucial that NEW gets its systems back online as soon as possible, as many farmers will begin harvesting their crops this week and begin delivering crops to NEW's elevators across Iowa, said Don Roose, President of the United States. Commodities in West Des Moines, Iowa.
"They've got you framed in a corner," Roose said. “The harvest is right now. This is the week we have just started to increase the harvest, especially for soybeans.
Cybersecurity has risen to the top of the Biden administration's agenda following a series of high-profile attacks on network company SolarWinds Corp. , Colonial Pipeline's oil network, the meat processing company JBS and the software company Kaseya. The attacks harm the United States far beyond the fact that only the hacked companies affect fuel and food supplies.
A spokesman for the US Cybersecurity and Infrastructure Security Agency declined to comment on the incident at NEW Cooperative.
The Federal Bureau of Investigation did not immediately respond to a request for comment.
"This is a very clear attack on an organization that is part of our critical infrastructure," said Allan Liska, senior analyst at US cyber-security company Recorded Future. "This can lead to disruptions in food delivery in parts of the country."
A Russian-speaking cybercriminal group called BlackMatter said on its website that they had recently stolen data from the NEW Cooperative.
BlackMatter is known for using ransomware to threaten its victims with data leaks, often blackmailing them for a cryptocurrency payment.
The allegation follows a July meeting between US President Joe Biden and Russian President Vladimir Putin, in which Biden reportedly told Putin that companies with "critical infrastructure" should be off-limits for ransomware gangs.
Cyber security experts and federal prosecutors say that ransomware groups often operate from Russia or Ukraine. The "food and agriculture industry" is publicly defined as a critical infrastructure sector by the Department of Homeland Security. Catalog