The long-term
impact of COVID-19 on ag retailers was the subject of a Dec. 2 panel discussion
at the Agricultural Retailers Association’s (ARA) 2021 Conference and Expo in
San Antonio, Texas. Matt Carstens, President and CEO of Landus Cooperative in
Ames, Iowa, said Landus immediately shut its corporate office in the early days
of the pandemic, and also instituted work-from-home and contactless delivery
policies.
“And we had our
best spring season ever,” he said, noting that the company gained an average of
three more productive hours per day with employees working from home. As a
result, he said Landus has now reduced its in-office staff to roughly 15 from a
pre-pandemic roster of 70-80. A poll of Landus employees found that 92 percent
were either neutral or positive about working from home, he said.
Clay Houchin, CEO
of Buttonwillow Warehouse Co. in Buttonwillow, Calif., said his company gave
employees the option of working at home and “bought a lot of plexiglass” for
those who opted to stay in the office. He said navigating the policy was a
challenge, but above all, the company “wanted employees to feel safe.”
He said a
particular challenge was dealing with a politically polarized workforce. “This
issue was right in the workplace, fed by social media,” he said. “It was
dangerous how divisive an issue can be.” Carstens agreed. “The smartest thing
we did was to force everyone to play by the same rules,” he said.
A separate presentation
at the conference provided a detailed look at how an agricultural cooperative
responded to a recent ransomware attack. Brad Brown, Assistant General Manager
at Augusta Cooperative Farm Bureau Inc. in Staunton, Va., said his company was
hit on July 15, 2021, at 4:00 p.m. with an attack from a group known as Suncrypt.
He estimates that Suncrypt gained access to Augusta’s system roughly 13 hours
before contact was made, likely through a phishing email.
While staff immediately shut down Augusta’s 85 computers, which had all simultaneously gone to white screens, two printers began spitting out ransom notes notifying the company that it had been hacked and to await further instructions. He said staff were also “bombarded” by calls from hacked phones within the company.
Brown said Augusta
immediately called its banking partners, along with all stores and store
managers, and pulled in local IT experts that included a forensics team, a
privacy attorney, and a negotiator. Also on the team was Mike Moore, Executive
VP of EFC Systems, which helps restore data and provides tech security.
Brown said all of the company’s computers were wiped by 10:00 p.m. that same day. About two-and-a-half days after the attack, a negotiator with Suncrypt initiated contact and demanded $500,000 in ransom, via bitcoin.
By this time,
Brown said Augusta was aware that the attack had hit its HR and controller
systems, but the company’s customer data was secure. Augusta also had a sound
backup system, which allowed its tech infrastructure to be fully operational is
less than a week.
Brown said Augusta
decided nothing would be gained by paying the ransom, but the company’s
negotiators engaged in delay tactics with Suncrypt, and the ransom demand fell
from $500,000 to $33,000 over a two week period. The last contact with Suncrypt
was on Aug. 14, nearly a month after the attack. No ransom was ever paid.
Brown and Moore
said many lessons were learned from the incident. Augusta was forced to go to
hand tickets while its systems were down, which Brown said was “a huge learning
process.” The attack also prompted a “massive rebuild” of the company’s IT
security. While Augusta’s insurance provider covered software investments to
rebuild, Brown said the policy would only pay out a total of $10,000 in ransom.
“In the ag industry, less than one percent of the annual budget is typically spent on tech and tech-related issues,” Moore said. As cyber-attacks grow in number and complexity, and target smaller, unlikely companies such as Augusta, Moore said ag companies “will be obligated to pay more for tech security going forward.”
New Cooperative
Inc., Fort Dodge, Iowa, with struck by a ransomware attack on or around Sept.
17 (GM Sept. 24, p. 1), and Crystal
Valley, a farm supply cooperative headquartered in
Mankato, Minn., posted an alert on its website on Sept. 21 (GM Oct. 1, p. 1) confirming that it had
been targeted in an attack that infected its computer systems and “severely
interrupted the daily operations of the company.”