A ransomware attack recently forced global produce giant Dole to temporarily shut down production plants and shipments in North America earlier this month.
The impact of the ransomware attack is being described as “limited” by Dole but did cause outages of their popular pre-packaged salad kits and blends according to grocers in Texas and Nevada.
The cyber-attack had initially been kept relatively quiet, but that changed when a food store posted a memo about the incident on their social media in response to customer complaints about the lack of Dole produce. Dole quickly confirmed there was a ransomware attack after the memo surfaced, releasing the following statement:
“Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems… While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.”
The attack reinforces the recent joint advisory issued by the FBI, FDA and USDA this past December, which warns the food and agriculture sector to be on alert for business email compromise attacks targeting food product and ingredient shipments.
As of this article, there is no confirmation that a business email compromise is what led to the ransomware attack. Details in general, including the length their production was stopped, ransomware demands and any payment, have not been forthcoming.
Dole did confirm that they are working with a third-party cybersecurity firm, alongside their internal teams and law enforcement.
While the actual impact of this incident is relatively isolated and more of a consumer inconvenience, similar attacks such as the JBS Meatpacker ransomware attack show how devastating a cyber-attack can truly be on our global food supply chain.
The reality is that the Dole ransomware attack could have been much, much worse in scale and should act as another reminder of the importance of prioritizing cybersecurity to protect key operations and technology infrastructure.
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at www.schneiderdowns.com/subscribe.
To learn more, visit our dedicated Cybersecurity page.