AGCO (a worldwide manufacturer and distributor of agricultural equipment) has announced that they suffered a ransomware attack during the past week. This attack, which remains under investigation, has impacted some of the company’s production facilities.
According to the firm: “AGCO, Your Agriculture Company (NYSE:AGCO), a worldwide manufacturer and distributor of agricultural equipment, announced today that on May 5, 2022, it was subject to a ransomware attack that has impacted some of its production facilities. AGCO is still investigating the extent of the attack, but it is anticipated that its business operations will be adversely affected for several days and potentially longer to fully resume all services depending upon how quickly the Company is able to repair its systems.”
While AGCO does not provide any details as to what is causing the disruption, the company likely shut down portions of its IT systems to prevent the attack’s spread.
Looking into the issue for Digital Journal is Josh Rickard, Senior Security Solutions Architect at Swimlane.
Rickard begins by assessing the ramifications of such attacks, noting: “Ransomware attacks on critical infrastructure industries such as agriculture have the potential to disrupt vital processes necessary to the U.S. food supply chain and continue to illustrate that every company, regardless of vertical is a software company and security will only continue to rise in importance to ensure the continued operations of the business.”
As well as the overall impact, when an attack takes place also makes a big differences, says Rickard: “The timing of the ransomware attack on AGCO is concerning as they just announced a $50,000 donation towards the BORSCH initiative implemented by the Land Club, a non-profit organization in Ukraine.”
He adds that seasonality is another influencing factor: “May-July is also peak harvesting season, making agricultural organizations like AGCO an appealing target for ransomware groups because they can’t afford downtime and are therefore viewed as more likely to pay the ransom quickly.”
Just getting things back on line is not the end of the matter, Rickard warns: “Even after access is regained after a ransomware attack, it is a long path to recovery as potential penalties for failure to detect and report on improper access come into play.”
There are lessons that businesses can learn, however, from these types of cybersecurity incidences. Rickard speaks about some of these: “To avoid situations like this, companies must put the proper protections in place to ensure requisite day-to-day processes remain undisrupted.”
Furthermore, Rickard suggests: “Security teams need not only full visibility into IT environments, but the ability to respond in real-time to limit the consequences of these kinds of attacks. Implementing security systems that centralize and automate detection, response and investigation protocols improve organizations’ ability to protect data and ensure that habitual procedures run smoothly.”