This week, AGCO, a major U.S. agricultural machinery manufacturer, was hit by a ransomware attack that affected its business operations and shut down its systems. AGCO, which is headquartered in Duluth, Georgia, is known for designing, producing, and selling machinery like tractors, combines, foragers, hay tools, and self-propelled sprayers. The company also produces smart farming technologies, along with seeding and tillage equipment.
AGCO first discovered this attack through its subsidiary Massey-Ferguson, when their websites in France, Germany, and China were targeted. At that time, more than 1,000 employees were sent home from production facilities in France. As a result of the attack, operations across the globe have been affected.
In order to mitigate and remediate the attack, AGCO shut down portions of its IT systems, but it will likely take several days to fully repair them. It is currently unknown when business operations will fully resume.
While it’s not yet known who is behind the attack, it’s believed the motive comes from the company’s recent donation to a Ukrainian relief fund. The day before this attack, AGCO’s Agriculture Foundation donated $50,000 to the BORSCH initiative, which assists Ukrainian farming communities affected by the war with Russia. A few weeks ago, the FBI released a warning on ransomware attacks targeting the U.S. agricultural industry that could be timed to coincide with critical seasons in the industry.
In the short term, the FBI recommends that the agricultural industry (as well as all U.S. businesses) should be on high alert for potential cyber attacks. In addition to patching all systems in your organization’s environment, the agency recommends that the best thing to do is to have robust monitoring of the environment. That way, potential attacks can be recognized as soon as they happen, and the right security measures can be taken.