Russia’s Largest Meat Producer Hacked with Bitlocker Ransomware

On March 18 Miratorg Holding, one of Russia’s largest meat producers, was attacked using the Bitlocker ransomware. The attack targeted warehouse and accounting IT resources. It also interrupted the processing pipeline for electronic veterinary documentation. Eighteen companies in the Miratorg group were affected.

The point of compromise was VetIS, a state information system used by veterinary services and companies engaging in the field, making it likely a supply chain compromise. To reduce the impact of the cyberattack, the federal agency will assist Miratorg in transporting goods by temporarily lifting the strict documentation requirements for the movement of products. Moreover, it will accept hand-written certificates and give access to the federal platform (Mercury) to issue formal papers where needed. To ease customer concerns about the safety of the food during these critical times, Rosselkhoznadzor underlines that Miratorg has a track record of good reputation, so this exception is being made by taking that into account.

Rosselkhoznadzor (a government agency regulating agricultural affairs) announced that the group resumed normal operations on March 28. Unlike most ransomware attacks, the attackers did not demand money, so commercial interests were not the motivation for the attack.

Estimated Cost

Operations disrupted for 10 days, strict paperwork regulations temp. lifted by federal agency

Threat Source

Impacts

OT IT