Bags of Dole celery in a supermarket showing ransomware attack

Dole Food Company Temporarily Halts Operations After Ransomware Attack

The North American food giant Dole Food Company has confirmed a ransomware attack that disrupted regional operations.

Dole said it engaged leading third-party cybersecurity experts to investigate the scope of the attack and notified law enforcement agencies.

“Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole’s internal teams to remediate the issue and secure systems,” reads a statement on its website.

With an annual revenue of $6.5 billion and a workforce of 38,000 employees, Dole is one of the world’s largest distributors of fresh fruits and vegetables.

Dole halts production and shipments after a ransomware attack

According to a leaked memo, the company had temporarily shut down production plants in North America and suspended shipments.

“Dole Food Company is in the midst of a cyberattack, and have subsequently shut down our systems throughout North America,” Dole’s senior vice president Emanuel Lazopoulos wrote. “Our IT group is working hard on mitigating the issues in order to get our systems up and running ASAP.”

Dole also hinted that it could resort to the “manual backup program” to overcome the impacts of the ransomware attack, which the company described as “limited.”

Stephan Chenette, co-founder and CTO at AttackIQ, cautioned that ransomware attacks on food processors might be devastating, adding that grocery stores had experienced shortages after Dole closed its North American production plants.

“The recent ransomware attack against Dole Food Company is an unfortunate reminder that the target on the food and beverage industry hasn’t gone anywhere,” said Chenette. “Just last December, Sobeys, a major Canadian food retail giant, suffered a ransomware attack that cost the company around $25 million.”

Customers have previously complained of salad kits shortages, but Dole hasn’t confirmed whether the incident was to blame. However, on February 23, 2023, Adam Wolfe, a shop manager at Clayton Ranch Market in Oklahoma, told CNN that the shortages resulted from the Dole ransomware attack.

Meanwhile, the West Lake, California-based food processor did not disclose the culprit or when the ransomware attack occurred.

Additionally, Dole did not provide a timeline for resolving the issue but promised that cyber experts were relentlessly working to restore the systems as soon as possible.

Ransomware attacks increasingly target food and agriculture organizations

The food and agriculture sector, part of the nation’s critical infrastructure, has become an attractive target for ransomware attacks.

In May 2021, a ransomware attack on the world’s largest meat processor JBS shut down plants in multiple countries, forcing the company to pay $11 million in ransom.

In 2021, the FBI Cyber Division issued a private industry notification listing several food and agriculture entities impacted by ransomware attacks. The list included a US bakery, farm, beverage company (Molson Coors), meat processor (JBS), and an international food and agriculture business. Other independently confirmed ransomware victims include AriZona Beverages and candymaker Ferrara Pan.

The FBI warned that ransomware attacks on food and agriculture organizations could “disrupt operations, cause financial loss, and negatively impact the food supply chain.”

In April 2022, the United States Department of Agriculture (USDA) and the Cybersecurity and Infrastructure Security Agency (CISA) warned about timed ransomware attacks targeting food and agriculture organizations, specifically agricultural cooperatives.

However, ransomware attacks are hardly the only cyber threats facing food and agriculture organizations. In December 2022, the FBI, FDA, and USDA warned about scammers using business email compromise (BEC) attacks to defraud these businesses.

Dole Food Company has confirmed a #ransomware attack that disrupted regional operations. Leaked memo shows that production was temporarily halted in several plants and deliveries suspended. #cybersecurity #respectdataClick to Tweet

Morten Gammelgaard, co-founder at BullWall, warned that ransomware attacks on food processors could “ripple through the entire economy.”

“The Dole ransom attack highlights how the just-in-time nature of food supply chains makes them particularly vulnerable to financially motivated cyberattacks, like ransomware,” Gammelgaard said. “As production and distribution are tightly coordinated to minimize waste and cost, any disruption caused by a cyberattack can have a ripple effect throughout the supply chain, leading to shortages and inevitable price increases.”