Food giant Dole hit by ransomware, halts North American production temporarily

Earlier this month a cyber attack on food produce giant Dole caused the firm to shut down its production plants across North America for a period of time, and halt shipments to stores.

The first the general public knew about the incident was yesterday, after told CNN heard that the fresh food producer was the latest company to be hit in a series of high-profile ransomware attacks.

The tip-off came after Stewart's, a grocery store in Olney, Texas, published on its Facebook page a memo from Dole explaining why it had been unable to supply enough prepackaged salad.

Part of the internal memo read:

"Our plants are shut down for the day and all our shipments are on hold. Please bear with us as we navigate our way and hopefully we will minimize this event."

Other grocery stores across the United States also reported that customers were upset at the shortage of salad from Dole.

In the hours following the CNN article, Dole issued a statement to the press, confirming that it had fallen foul of ransomware:

Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole's internal teams to remediate the issue and secure systems.

The company has notified law enforcement about the incident and are cooperating with their investigation.

While continuing to investigate the scope of the incident, the impact to Dole operations has been limited.

Dole's statement makes no mention of which family of ransomware had hit its systems, whether any sensitive data was exfiltrated by its attackers, or if it had received a ransom demand.

In June 2021, another major food supplier - JBS - suffered a security breach which saw its systems infected by the Revil ransomware gang, impacting its ability to “process” thousands of cattle, sheep, and pigs.  JBS ultimately paid the equivalent of US $11 million to its attackers.

Ransomware continues to be a serious threat for organisations, who are advised to follow best practices to reduce the impact of an attack, including:

• making secure offsite backups.
• running up-to-date security solutions and ensuring that your computers are protected with the latest security patches against vulnerabilities.
• using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication.
• encrypting sensitive data wherever possible.
• educating and informing staff about the risks and methods used by cybercriminals to launch attacks and steal data.