Food giant Dole has disclosed that they have been hit by a ransomware attack. But only after the news hit the media. Let’s start with what Dole had to say:
Dole plc announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.
Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems.
The company has notified law enforcement about the incident and are cooperating with their investigation.
While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.
That’s your standard PR statement that basically says “nothing to see here, move along.” Except that CNN has a slightly different story:
A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN.
The previously unreported hack — which a source familiar with the incident said was ransomware — led some grocery shoppers to complain on Facebook in recent days that store shelves were missing Dole-made salad kits.
“Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s Fresh Vegetables division, said in a February 10 memo to retailers.
Dole has four processing plants in the US and employs more than 3,000 people, according to a recent company press release.
After CNN published this story on Wednesday afternoon, Dole spokesperson William Goldfield sent CNN a statement confirming that ransomware was the cause of the incident.
“The company has notified law enforcement about the incident and are cooperating with their investigation,” Dole’s statement said in part. “While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.”
However, two grocery stores in Texas and New Mexico contacted by CNN on Wednesday said they couldn’t stock Dole salad kits on their shelves for days.
So much for “the impact to Dole operations has been limited.” This is a classic case of a company trying to keep the fact that they got pwned quiet, and then scrambling to explain getting pwned after the news gets out.
Morten Gammelgaard, EMEA, co-founder of BullWall had this comment:
“When ransomware attacks force giant food processing operators like Dole to shut down production, the effects can ripple through the entire economy. Threat actors have significantly accelerated their deployment of ransomware, from an average of 60 days per attack in 2019 to less than four days in 2021, according to a recent IBM report. Even for large multi-national companies such as Dole, staying on top of network vulnerabilities and updating prevention based security constantly is very difficult. You will be breached and you’d best be prepared.”
“The Dole ransom attack highlights how the just-in-time nature of food supply chains makes them particularly vulnerable to financially motivated cyberattacks, like ransomware. As production and distribution are tightly coordinated to minimize waste and cost, any disruption caused by a cyberattack can have a ripple effect throughout the supply chain, leading to shortages and inevitable price increases.”
“Should Ransomware slip through any of the multitude of potential weaknesses in small and large environments it is very important to have Ransomware Containment in place (not the same as ransomware prevention). It acts as a Last Line of Defense against “active” attacks – i.e. when encryption starts to corrupt your data as a fully automated response. It has saved many well-prepared organizations millions of dollars.”
Finally Darren Williams, CEO and Founder of BlackFog said this:
“Similar to other devastating ransomware attacks we have seen recently these attacks are highly targeted, and existing technologies are insufficient to cope with these modern attack variants. The speed at which attackers can breach and leverage a network infrastructure is now unparalleled with the time to deployment down from 60 days to less than 4 days. Detecting and responding to these events manually is no longer feasible for an organization. Focus must be around prevention and stopping data exfiltration before any damage can be done. “
Because Dole isn’t a small food provider, I would hope that the relevant authorities are investigating this because with threat actors targeting operations like Dole, one of these attacks could result in things going very badly for millions of people.
Like this:
Like Loading...
Related
This entry was posted on February 24, 2023 at 9:30 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Dole Getting Pwned By Ransomware Is Just Bananas
Food giant Dole has disclosed that they have been hit by a ransomware attack. But only after the news hit the media. Let’s start with what Dole had to say:
Dole plc announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.
Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems.
The company has notified law enforcement about the incident and are cooperating with their investigation.
While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.
That’s your standard PR statement that basically says “nothing to see here, move along.” Except that CNN has a slightly different story:
A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN.
The previously unreported hack — which a source familiar with the incident said was ransomware — led some grocery shoppers to complain on Facebook in recent days that store shelves were missing Dole-made salad kits.
“Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s Fresh Vegetables division, said in a February 10 memo to retailers.
Dole has four processing plants in the US and employs more than 3,000 people, according to a recent company press release.
After CNN published this story on Wednesday afternoon, Dole spokesperson William Goldfield sent CNN a statement confirming that ransomware was the cause of the incident.
“The company has notified law enforcement about the incident and are cooperating with their investigation,” Dole’s statement said in part. “While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.”
However, two grocery stores in Texas and New Mexico contacted by CNN on Wednesday said they couldn’t stock Dole salad kits on their shelves for days.
So much for “the impact to Dole operations has been limited.” This is a classic case of a company trying to keep the fact that they got pwned quiet, and then scrambling to explain getting pwned after the news gets out.
Morten Gammelgaard, EMEA, co-founder of BullWall had this comment:
“When ransomware attacks force giant food processing operators like Dole to shut down production, the effects can ripple through the entire economy. Threat actors have significantly accelerated their deployment of ransomware, from an average of 60 days per attack in 2019 to less than four days in 2021, according to a recent IBM report. Even for large multi-national companies such as Dole, staying on top of network vulnerabilities and updating prevention based security constantly is very difficult. You will be breached and you’d best be prepared.”
“The Dole ransom attack highlights how the just-in-time nature of food supply chains makes them particularly vulnerable to financially motivated cyberattacks, like ransomware. As production and distribution are tightly coordinated to minimize waste and cost, any disruption caused by a cyberattack can have a ripple effect throughout the supply chain, leading to shortages and inevitable price increases.”
“Should Ransomware slip through any of the multitude of potential weaknesses in small and large environments it is very important to have Ransomware Containment in place (not the same as ransomware prevention). It acts as a Last Line of Defense against “active” attacks – i.e. when encryption starts to corrupt your data as a fully automated response. It has saved many well-prepared organizations millions of dollars.”
Finally Darren Williams, CEO and Founder of BlackFog said this:
“Similar to other devastating ransomware attacks we have seen recently these attacks are highly targeted, and existing technologies are insufficient to cope with these modern attack variants. The speed at which attackers can breach and leverage a network infrastructure is now unparalleled with the time to deployment down from 60 days to less than 4 days. Detecting and responding to these events manually is no longer feasible for an organization. Focus must be around prevention and stopping data exfiltration before any damage can be done. “
Because Dole isn’t a small food provider, I would hope that the relevant authorities are investigating this because with threat actors targeting operations like Dole, one of these attacks could result in things going very badly for millions of people.
Share this:
Like this:
Related
This entry was posted on February 24, 2023 at 9:30 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.