Corn Not just at Stake Due to BlackMatter $5.9M Ransomware Attack
Posted October 03, 2021
Written by John Shea III, Xpanxion Technical Writer
The Corn Can’t Flow
BlackMatter, a successor to DarkSide which did the Colonial Pipeline ransomware attack this spring, is now holding the New Cooperative, an agricultural co-op located in Iowa, for a $5.9M dollar ransom. If the corn supply gets interrupted, it will affect the feed for pork, poultry, and grain supply for the U.S. This could cause a ripple effect of food shortages very soon.
BlackMatter’s solution is to pay up and it will provide a decryption key to New Cooperative so it can unlock its files. New Cooperative says it has shutdown its systems and taken them offline to contain the threat. They believe they have contained it for now.
What does BlackMatter have?
New Cooperative is not saying but researchers believe that its data and almost a Terabyte (that’s a few more than 1,000 gigabytes) of files. These include invoices, R&D documents, and source code to SOILMAP, an agronomic software that provides soil testing, mapping and streamlined accounting for more efficient food production processes.
BlackMater says it doesn’t strike critical infrastructure but when New Cooperative tries to explain and insist that it is a critical part of the local and national economy, BlackMatter declines New Cooperative’s request to negate the ransomware attack. They are reluctant to work out an agreement with the cooperative.
Who is BlackMatter?
They were founded in July this summer and say they have got the best of the DarkSide, REvil, and LockBit hacking groups. They advertise that you can purchase access to the networks of the big four English-speaking countries of the U.S.A, Canada, U.K, and Australia. Prime targets are companies with revenue of $100 million or more with 500 to 15,000 hosts on their networks. Ransomware for sale affects a lot of people, systems, applications, and supply chains down the line.
New Cooperative still insists they are a critical infrastructure but BlackMater remains unconvinced. It still wants the $5.9M.
Who Blinks First?
Things are at an impasse. The FBI is aware of the attack and both they and CISA (Cybersecurity and Infrastructure Security Agency) declined comment. However, this could be the first test of the Biden administration’s response to cyber attacks against critical infrastructure and reporting them to CISA.
In the meantime, be prepared to have an alternative to your breakfast of eggs, bacon, and bowl of cornflakes and ethanol to run your car on.
Xpanxion, with its cybersecurity professionals, can help you avoid or prepare for a ransomware attack. Let us help you defend yourself.
About Xpanxion - Solving business problems with technology. We are software product engineering experts with over 20+ years of experience delivering the technologies, software architectures, processes and people critical to delivering success. As a trusted partner, we focus on business solutions and alliances that provide end-to-end value to solving our customer’s problems. We focus on providing best-in-class solutions by developing custom solutions with modern technologies or by delivering industry recognized off the shelf solutions.
Expertise Solutions and Alliances Platforms and Technologies Industries
Media Contact: email@example.com