More cyberattacks in U.S. ag

More cyberattacks in U.S. ag
Oct 05, 2021

Hackers recently targeted online equipment auction sites

By Diego Flammini
Staff Writer
Farms.com

Hackers have once again attacked areas of the U.S. ag sector.

Sandhills Global, which owns multiple industry auction websites including TractorHouse, AuctionTime and RentalYard, alerted users of the security breach on Friday.

“Systems and operations have been temporarily shut down to protect data and information, and we have retained cybersecurity experts to assist us with the investigation, which is ongoing,” the company said on Oct. 1, the Lincoln Journal Star reported. "We continue to investigate whether any of our clients' information has been accessed or impacted by this incident. At this time, we have not discovered evidence that confirms that customer information has been compromised."

It’s believed the organization received a ransomware attack.

Ransomware works by locking users out of their computer networks. Hackers then ask for a payment before giving back access.

And a notorious hacker group could be behind the attack.

Conti, a group with Russian ties, is believed to be responsible for the attack, BleepingComputer, a technology news and support publication, reported.

In May, the FBI issued a warning about Conti and potential attacks.

The group is responsible for more than 400 cyberattacks globally, with almost 300 affecting U.S. organizations. And ransom demands have been as high as $25 million, the FBI said.

These hackers can cause serious issues for affected organizations.

This group is responsible for attacks on Ireland’s healthcare sector, the Scottish Environment Protection Agency and the University of Utah.

“Conti ransomware stands out as one of the most ruthless of the dozens of ransomware gangs that we follow,” Palo Alto Networks, a cybersecurity company, wrote in June 2021. “Ireland has yet to recover from an attack in mid-May that prompted the shutdown of the entire information technology network of the nation's healthcare system – prompting cancellation of appointments, the shutdown of X-ray systems and delays in COVID testing.”

The group has also refused to unlock data despite victims paying the ransoms, BleepingComputer said.

Sandhill Global’s properties appear to be back online. The ransom demands are unknown, as is whether the company paid it.

The attacks on Sandhill Global is the latest in a string of cyberattacks targeting the U.S. agriculture sector.

In September, a group locked files at Crystal Valley, a Minnesota-based cooperative.

And less than a week prior to the Crystal Valley incident, a hacker group called BlackMatter demanded $5.9 million from New Cooperative Inc. out of Fort Dodge, Iowa.