clop attacks OAKDELL
Incident Date:
March 28, 2022
Overview
Title
clop attacks OAKDELL
Victim
OAKDELL
Attacker
Clop
Location
First Reported
March 28, 2022
OAKDELL Egg Farms Suffers Ransomware Attack
Company Size and Industry Standout
OAKDELL Egg Farms, a local, family-owned farm founded more than a century ago in Cache Valley, Utah, has been targeted by the ransomware group Clop. The attack was announced on the group's dark web leak site. OAKDELL operates in the Agriculture sector, which has been identified as a potential target for ransomware attacks during critical seasons due to the time-sensitive nature of agricultural production.
OAKDELL Egg Farms is renowned for their cage-free Omega-3 Brown Eggs and cage-free Organic Brown Eggs, marketed as nutritionally enhanced and free from pesticides, antibiotics, and compromises.
Vulnerabilities
The ransomware attack on OAKDELL Egg Farms is indicative of a broader trend of increasing ransomware attacks on agricultural cooperatives globally since 2021. These incidents have involved a range of ransomware variants, including Conti, BlackMatter, Suncrypt, Sodinokibi, and BlackByte. Attack vectors have frequently involved known but unpatched vulnerabilities and exploits, as well as secondary infections through the exploitation of shared network resources or the compromise of managed services.
Mitigation Strategies
To fortify against ransomware attacks, entities within the food and agriculture sector are encouraged to adopt several key practices. Regularly backing up data, air-gapping, and password-protecting backup copies offline are critical steps. Organizations should also develop a recovery plan that entails maintaining and retaining multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location. Furthermore, it is imperative to promptly install updates/patches for operating systems, software, and firmware upon their release. Employing multifactor authentication with strong passphrases where feasible, alongside the use of strong passwords and routine changes to passwords for network systems and accounts, is also recommended.
Sources
- "Ransomware in the Agriculture Sector: Trends and Forecasts" - https://www.cisa.gov/uscert/ncas/alerts/aa20-245a
- "Understanding Ransomware and Strategies for Prevention and Response" - https://www.cisa.gov/publication/ransomware-guide
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.