BlackMatter demands $5.9 million ransom from Iowa farm cooperative

BlackMatter is demanding the ransom so the cooperative can unlock its systems right before the harvest season is set to begin

New Cooperative, an Iowa-based cooperative that operates grain storage elevators and buys crops from farmers, has been hit by a $5.9 million (£4.3 million) ransom demand after being hit by the BlackMatter group. 

The BlackMatter ransomware leak page shows the gang has obtained financial documents, network information for multiple companies associated with New Cooperative, social security numbers and personal information of employees, and source code for Soil Map, a farmer technology platform, ransomware expert Allan Liska told ZDNet.

The group claims to have 1TB of data and has set a timer it says will expire at midday on 25 September. It's also demanding a $5.9 million ransom payment from New Cooperative.

"We have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained," New Cooperative said in a statement to Reuters. "We also quickly notified law enforcement and are working closely with data security experts to investigate and remediate the situation."

On social media, there are screenshots of chat logs which appear to be between the ransomware group and New Cooperative. The farming group states that it is critical infrastructure as it is intertwined with the food supply chain in the US, and is asking why it was attacked if BlackMatter claims to not attack critical infrastructure.

Related Resource

Ransomware made MSPeasy

The MSP's guide to saving the day

The MSP's guide to ransomware - whitepaper from DattoFree download

“About 40% of grain production runs on our software, and 11 million animals feed schedules rely on us,” said New Cooperative, before adding that CISA would be demanding answers from the group in the next 12 hours and “we are going to have to tell them exactly what happened and why the food supply chain is disrupted”.

BlackMatter refused to back down, replying to the company that “you do not fall under the rules, everyone will only incur losses,” before saying the company should come to an agreement with them and solve everything quickly.

Don Roose, the president of US Commodities in West Des Moines, Iowa, told Reuters that the timing of the attack is making it crucial that NEW Cooperative get its systems back online as soon as it can as many farmers will start their combines this week and begin delivering crops to NEW’s elevators across the state.

“They have got you boxed into a corner,” Roose said. “Harvest is right now. This is the week that we are just starting to ramp up harvest, particularly for soybeans.”

IT Pro has contacted New Cooperative for comment. CISA declined to comment on the story.

In June, JBS Foods paid an $11 million (£7.8 million) ransom to hackers who compromised its IT system. The meat processing company fell victim to a ransomware attack in May and was forced to suspend its systems and, in some areas, shut down production for 24 hours. The company confirmed it made the ransom payment to the attackers, totalling $11 million in Bitcoin.

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Podcast transcript: Should the US cyber army be more aggressive?
cyber warfare

Podcast transcript: Should the US cyber army be more aggressive?

22 Oct 2021
The IT Pro Podcast: Should the US cyber army be more aggressive?
cyber warfare

The IT Pro Podcast: Should the US cyber army be more aggressive?

22 Oct 2021
Almost 70% of CISOs expect a ransomware attack
ransomware

Almost 70% of CISOs expect a ransomware attack

19 Oct 2021
Organizations warned of ransomware risk from smaller operators
ransomware

Organizations warned of ransomware risk from smaller operators

19 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021