KANSAS CITY, Mo. (DTN) -- NEW Cooperative in Fort Dodge, Iowa, confirmed Monday it had been hit with a ransomware attack that affected the grain cooperative's operations, which include 60 elevator locations across north-central and western Iowa.
Screenshots posted on Twitter show the grain cooperative was hit over the weekend by the group dubbed Blackmatter. Bloomberg reported the group was seeking $5.9 million to release NEW Cooperative from its ransomware.
NEW Cooperative issued a statement to DTN on the cybersecurity incident, confirming it was affecting some of the company's devices and systems.
"Out of an abundance of caution, we have proactively taken our systems offline to contain the threat, and we can confirm it has been successfully contained. We also quickly notified law enforcement and are working closely with data security experts to investigate and remediate the situation.
The cooperative added, "Please know that NEW Cooperative is treating this matter with the utmost seriousness and we are using every available tool and resource to quickly restore our systems. We appreciate the patience of our valued customers as we investigate this matter and work to restore functionality and will share additional information directly with our customers as we learn it."
A message posted on Twitter from Blackmatter's website showed the cooperative on Sunday seeking to negotiate a release of its computerware from the hackers and informed the hackers that it would have to report the situation to the Cybersecurity and Information Security Agency (CISA).
"Your website says you do not attack critical infrastructure. We are critical infrastructure -- we intertwine with the food supply chain in the U.S. If we are not able to recover very shortly, there is going to be very, very public disruption of the grain, pork and chicken supply chain. About 40% of grain production runs on our software, and 11 million animals' feed schedules rely on us. This will break the supply chain very shortly, and we will have to report this to our regulators, and likely the public if this disruption continues. I assume you have thought that through? CISA is going to be demanding answers from us within the next 12 hours or so and we are going to have to tell them exactly what has happened and why the food supply chain is disrupted."
The hackers replied that the cooperative does not fall under its "critical infrastructure" rules and told the cooperative, "Since everything is so serious with you, let's come to an agreement quickly and solve everything quickly."
The attack on NEW Cooperative comes after meatpacker JBS was hacked back in June and ended up paying $11 million to end the attack on its systems.
Chris Clayton can be reached at Chris.Clayton@dtn.com
Follow him on Twitter @ChrisClaytonDTN
(c) Copyright 2021 DTN, LLC. All rights reserved.