Ransomware Hits Perfection Fresh Exposing Agriculture Risks
Incident Date:
October 9, 2024
Overview
Title
Ransomware Hits Perfection Fresh Exposing Agriculture Risks
Victim
Perfection Fresh
Attacker
Sarcoma
Location
First Reported
October 9, 2024
Ransomware Attack on Perfection Fresh by Sarcoma Group
Perfection Fresh, a leading player in Australia's fresh produce industry, has become the latest victim of a ransomware attack by the newly emerged cybercriminal group, Sarcoma. This incident highlights the increasing threat posed by ransomware groups targeting diverse sectors, including agriculture.
About Perfection Fresh
Founded in 1978, Perfection Fresh Australia is a prominent privately-owned company in the fresh produce sector. With its headquarters in Homebush, New South Wales, the company has grown into a major marketer of fresh fruits and vegetables, boasting an annual revenue of approximately $263.1 million and employing around 298 people. Perfection Fresh operates a network of farms across Australia, specializing in crops such as grapes, citrus fruits, and berries. The company is renowned for its innovative approach to horticulture, developing popular brands like Calypso® mangoes and Broccolini®.
Attack Overview
The ransomware attack on Perfection Fresh was claimed by Sarcoma, a group that has quickly gained notoriety for its aggressive tactics. Sarcoma listed Perfection Fresh among over 30 victims on its dark web portal. The attack underscores the vulnerabilities faced by companies in the agriculture sector, which may not always prioritize cybersecurity measures. The specifics of how Sarcoma penetrated Perfection Fresh's systems remain unclear, but the group's modus operandi typically involves data exfiltration and double extortion strategies.
About Sarcoma Ransomware Group
Sarcoma is a relatively new entrant in the ransomware landscape, with its first notable attacks reported in October. The group has targeted various industries, showing a preference for regions like Australia and New Zealand. Sarcoma distinguishes itself by not publicly listing ransom amounts, instead leveraging data leaks to coerce victims. The group operates a darknet leak site, promoting itself as a means to expose poor security practices among organizations.
Potential Vulnerabilities
Perfection Fresh's extensive operations and reliance on advanced farming technologies may have inadvertently exposed it to cyber threats. The company's focus on innovation and sustainability, while commendable, might have overshadowed the need for comprehensive cybersecurity measures. As Sarcoma continues to expand its list of victims, organizations in the agriculture sector must reassess their security protocols to mitigate such risks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.