The largest dairy processing plant in southern Siberia, the Semyonishna plant, was recently disrupted by a ransomware attack, reportedly involving the LockBit variant. The attack, which took place in December, targeted the plant’s systems, leading to the encryption of company data. The breach is suspected to be linked to the plant’s involvement in supporting Russian troops in Ukraine, specifically through the provision of humanitarian aid, including drones. The attackers used the remote access software AnyDesk to spread the ransomware across the company’s network, with the plant’s systems reportedly lacking antivirus protection.
During the attack, hackers sent a message to the company’s printers, accusing the Semyonishna plant of supporting the Russian government’s war efforts and condemning the company’s contributions to the military. Despite this, the attack did not affect the plant’s milk processing operations, but it did interfere with the company’s ability to label products under Russia’s government-run tracking system, which ensures product safety and combats counterfeit goods. The plant’s management and local authorities have not disclosed whether the hackers demanded a ransom or if any negotiations occurred.
In an interview, Valery Levitsky, the director of Sayanmoloko, the dairy company that owns the Semyonishna plant, stated that operations had resumed to normal.
However, the company’s website remained nonfunctional, only displaying a logo and comments mocking the design. This incident follows a previous cyberattack on another Russian dairy producer earlier in the year, which resulted in a month-long halt to cheese production and shipments. In that case, the company’s CEO speculated that Western intelligence agencies might have been involved in the attack.
This incident is part of a broader trend of cyberattacks on Russian corporations, particularly within the agro-industrial sector. In addition to the attack on the Semyonishna plant, several large Russian companies have faced similar breaches, including an April ransomware attack on one of Russia’s major agro-industrial companies, where hackers demanded a ransom of nearly $6 million. The rise in cyberattacks coincides with escalating geopolitical tensions, with some groups claiming responsibility for breaches linked to pro-Ukraine causes.
Reference:
