Americold, a company whose cold-storage capabilities are important to the US food-supply chain (& soon, COVID-19 vaccine distribution), has confirmed an operations-impacting cyberattack, according to a filing with the US Securities & Exchange Commission (SEC).
A reported ransomware attack took down operations at the firm, which in talks for COVID-19 vaccine-distribution contracts.
The filing was brief & read in part: “As a precautionary measure, the company took immediate steps to help contain the incident & implemented business continuity plans, where appropriate, to continue ongoing operations.
Security, in all forms, remains a top priority at Americold, & the company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data & customer information.”
The attack seems to be a ransomware incident beginning on Nov. 16, according to a Bleeping Computer report. The attack affected the company’s phone systems, email, inventory management & order fulfilment, according to reports on Twitter.
One US lorry driver on Monday tweeted, “At a Americold depot & their systems are down,” they noted. “They are unable to assign me to a door. We will let the waiting begin.”
The attack is likely to be highly targeted & well-thought-out, according to researchers.
“Human-operated ransomware attacks begin with trojans or other exploits against unsophisticated vectors,” Chloé Messdaghi, VP of Strategy at Point3 Security, commented
“Once a way in is found, malware is planted & privileges are elevated. These attacks often exfiltrate data before encrypting files & the attacks are drawn out, with months of potential compromise adding to the potential harms that can result.”
She added, “That’s why these types of attacks pose a greater threat than automated attacks such as WannaCry or NotPetya – they’re intentional & secretive.”
Based in Atlanta, Georgia, Americold is the largest cold-storage provider in the US, and it owns & operates 183 temperature-controlled warehouses worldwide, including in Argentina, Australia, Canada & New Zealand; & just acquired a similar company in Europe.
For an idea of scale, it holds the contract for linking the ConAgra food-producing giant to supermarkets & consumers.
“The attack against Americold highlights a concerning trend of attackers targeting larger & more critical organisations,” Andrea Carcano, Co-Founder of Nozomi Networks, stated.
“These threats should be a wake-up call for security professionals responsible for keeping not only IT, but operational technology (OT) & internet of things (IoT) networks safe.
In the manufacturing business, time is money, so the disruption of IT services as well as manufacturing downtime & shipment delays, translates to lost revenue.”
Americold has also been in talks to provide storage & transport for the distribution of temperature-sensitive COVID-19 vaccines, says reports.
“Once again, we see that companies who don’t consider themselves to be likely targets are the most likely of targets,” observed Messdaghi.
“This is especially unfortunate since Americold has an important role to play in the upcoming distribution of COVID-19 vaccines, in addition to its longstanding role in supporting the food supply chain.
Each & every piece of the COVID-19 distribution chain must go through serious risk & cyber-security audits, as though lives depend on it. Because they will.”
She concluded, “The more that our critical data is protected by zero-trust actions, the safer we’ll all be – both day to day & particularly in national mobilisation circumstances like the upcoming vaccine distribution.”