Earlier this month a cyber attack on food produce giant Dole caused the firm to shut down its production plants across North America for a period of time, and halt shipments to stores.
The first the general public knew about the incident was yesterday, after told CNN heard that the fresh food producer was the latest company to be hit in a series of high-profile ransomware attacks.
The tip-off came after Stewart's, a grocery store in Olney, Texas, published on its Facebook page a memo from Dole explaining why it had been unable to supply enough prepackaged salad.
Part of the internal memo read:
"Our plants are shut down for the day and all our shipments are on hold. Please bear with us as we navigate our way and hopefully we will minimize this event."
Other grocery stores across the United States also reported that customers were upset at the shortage of salad from Dole.
In the hours following the CNN article, Dole issued a statement to the press, confirming that it had fallen foul of ransomware:
Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole's internal teams to remediate the issue and secure systems.
The company has notified law enforcement about the incident and are cooperating with their investigation.
While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.
Dole's statement makes no mention of which family of ransomware had hit its systems, whether any sensitive data was exfiltrated by its attackers, or if it had received a ransom demand.
In June 2021, another major food supplier - JBS - suffered a security breach which saw its systems infected by the Revil ransomware gang, impacting its ability to “process” thousands of cattle, sheep, and pigs. JBS ultimately paid the equivalent of US $11 million to its attackers.
Ransomware continues to be a serious threat for organisations, who are advised to follow best practices to reduce the impact of an attack, including:
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsDecember 19, 2024
November 14, 2024