According to a report released in 2023, the US food and agricultural sector experienced 167 income-incident attacks, ranking it seventh in terms of vulnerability among all sectors in the country. The data was collected and analyzed by the Food and AG-SISAC.
The report also revealed that in the first quarter of 2024, there were already 40 attacks recorded. While this shows a slight decrease compared to the previous year, it is still a significant number of cyber incidents targeting the sector.
Major food companies like Dole, Sysco, and Mondelez were among those targeted by cybercriminals. Jonathan Brieli, the director of Food and AG-SIC, explained that these groups of extortionists tend to target vulnerable organizations with lax cybersecurity measures, and unfortunately, the food and agricultural sector is often seen as an easy target due to its lack of emphasis on cybersecurity.
In 2023, the groups Lockbit and BlackCat were the leaders in attacks on the food sector, with Lockbit conducting 40 attacks and BlackCat conducting 15. However, in early 2024, the group Play emerged as the most active, claiming responsibility for 5 attacks.
These cyber attacks have the potential to disrupt production processes, such as seed production, leading to delays in sowing or harvesting. In more severe cases, products may need to be redirected to regions with active agricultural seasons, resulting in high costs for the affected companies.
To address the growing threat to the industry, Congress is taking steps to improve cybersecurity measures. This includes the development of specialized legislation to enhance digital defense within the sector and the establishment of a dedicated center within the National Telecommunications and Information Administration to assist agricultural producers in safeguarding their technology.