Ag Ransomware Attacks on the Rise

There were 84 ransomware attacks against the food and agriculture sector during the first three months of 2025, more than twice the number of intrusions during the same period last year.  More than 75% of the intrusions were recorded in January and February, with ransomware already accounting for 53% of all cyberattacks against the industry during the quarter, according to a report from the Food and Ag-ISAC.

Attacks against food and agriculture organizations have ramped up since the fourth quarter of last year due to the Clop hack of Cleo file sharing software, as well as persistent targeting of the Akira and RansomHub ransomware gangs, said the report.  It also noted the elevated prevalence of outdated industrial control systems which significantly increases the vulnerability in the sector.

Food and Ag-ISAC Director of Cyber Information Sharing Jonathan Bradley added that the issue is compounded by inadequate threat visibility.

While global law enforcement had a positive impact in deterring two major ransomware players, LockBit and ALPHV/BlackCat, several newer ransomware strains emerged in 2024 to fill the void, the report noted.  Reports show that several high-profile cybercriminal groups have begun partnering with ransomware actors. As such, the threat of ransomware should continue to be a concern for organizations across the critical infrastructure community, including the Food and Agriculture sector.

If you have a story idea for the PNW Ag Network, call (509) 547-1618, or e-mail glenn.vaagen@townsquaremedia.com