Ransomware Attack Brings Dole Operations to a Temporary Halt
At a time when companies are plagued by supply chain issues, inflation is skyrocketing and cyberattacks proliferate, Dole PLC recently found itself the victim of a ransomware attack that temporarily shuttered some of its North American operations.
“The Dole ransom attack highlights how the just-in-time nature of food supply chains makes them particularly vulnerable to financially motivated cyberattacks, like ransomware,” said Morten Gammelgaard, EMEA, co-founder at BullWall. “As production and distribution are tightly coordinated to minimize waste and cost, any disruption caused by a cyberattack can have a ripple effect throughout the supply chain, leading to shortages and inevitable price increases.”
Once Dole learned of the incident, it “moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems,” the company said in a breach notification that gave few details (Read:none).
The alert on February 22, 2023 followed a message the company sent to retailers earlier in the month. “Dole Food Company is in the midst of a cyberattack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s fresh vegetables division, said in that February 10, 2023 missive, according to a CNN memo leaked on Facebook.
“While continuing to investigate the scope of the incident, the impact to Dole operations has been limited,” the company’s breach alert noted, although a CNN Business report cited grocers who said they could not stock Dole salads. And Lazapoulos told retailers that operations were down for the day and shipments were on hold. In addition to alerting law enforcement and investigating the incident, he said, “All our businesses are implementing our Crisis Management Protocol to resume ‘business as usual’ post haste, inclusive of our Manual Backup Program, if needed.”
The Dole attack followed a familiar pattern. “Similar to other devastating ransomware attacks we have seen recently, these attacks are highly targeted and existing technologies are insufficient to cope with these modern attack variants,” said Darren Williams, CEO and founder of BlackFog.
The speed at which attackers can breach and leverage a network infrastructure is now unparalleled, with the time to deployment down from 60 days to less than four days,” said Williams. “Detecting and responding to these events manually is no longer feasible for an organization. Focus must be around prevention and stopping data exfiltration before any damage can be done.”
The incident at Dole highlights how devastating ransomware can be—and the damage often doesn’t stop with the victimized company. “When ransomware attacks force giant food processing operators like Dole to shut down production, the effects can ripple through the entire economy,” Gammelgaard said.
“Threat actors have significantly accelerated their deployment of ransomware, from an average of 60 days per attack in 2019 to less than four days in 2021, according to a recent IBM report,” he said. “Even for large multinational companies such as Dole, staying on top of network vulnerabilities and updating prevention-based security constantly is very difficult. You will be breached and you’d best be prepared.”
Image Source: Photo by Ashley Hajimirsadeghi on Unsplash