Ransomware Attack Takes Down Massive Food-Supply Chain Providing Distribution of Temperature-Sensitive COVID-19 Vaccines

A company whose cold-storage capacities are extremely integral to the U.S. food-supply chain and the Coronavirus vaccine distribution affirmed an operation affecting cyberattack, as per a filing with the Securities and Exchange Commission (SEC). 

Americold is by far the largest cold-storage provider in the U.S. what’s more, it operates 183 temperature-controlled warehouses globally, incorporating Argentina, Australia, Canada, and New Zealand; and just got hold of a similar company in Europe. 

For ‘an idea of scale’, it holds the agreement for linking the ConAgra food-producing giant to supermarkets and customers. 

The attack appears all the earmarks of being a ransomware episode that began on Nov. 16 and even influenced the organization’s phone systems, email, inventory management, and request satisfaction, as indicated by reports on Twitter. 

The filing with the SEC was brief and read that: “As a precautionary measure, the company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations… Security, in all its forms, remains a top priority at Americold, and the company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information.” 

The attack is probably going to be ‘highly targeted’ and ‘very thought of’, as per researchers. 

Chloé Messdaghi, Vice President of strategy at Point3 Security, said by means of email, “Human-operated ransomware attacks begin with trojans or other exploits against unsophisticated vectors. Once a way in is found, malware is planted and privileges are elevated. These attacks often exfiltrate data before encrypting files and the attacks are drawn out, with months of potential compromise adding to the potential harms that can result.” 

She added, “That’s why these types of attacks4 pose a greater threat than automated attacks such as WannaCry or NotPetya – they’re intentional and secretive.” 

Fundamentally, Americold has likewise been in conversion with providing storage and transport to the distribution of temperature-sensitive Coronavirus vaccines, as indicated by reports. 

Andrea Carcano, a fellow benefactor of Nozomi Networks, said through email, “The attack against Americold highlights a concerning trend of attackers targeting larger and more critical organizations, these threats should be a wake-up call for security professionals responsible for keeping not only IT, but operational technology (OT) and internet of things (IoT) networks safe. In the manufacturing business, time is money, so the disruption of IT services as well as manufacturing downtime and shipment delays, translates to lost revenue.”