Russian Hackers Target American Cannabis Companies
Over the past week, alleged Russian hackers have attacked two American cannabis companies, prompting cybersecurity experts to warn all cannabis growers about the looming threat. The attackers are demanding ransom payments from marijuana producers.
Cybersecurity advisor John Riggi attributed the breaches of the cannabis firms to the hacker group Everest Ransomware, which he says plays a significant role in Russia’s shadow economy. Members of this group gain unauthorized access to victims’ equipment and sell this access to other criminals, who then carry out attacks and infect devices with ransomware. These malicious programs encrypt data, and the criminals provide decryption keys in exchange for cryptocurrency payments.
Employees of the Cannabis Information Sharing and Analysis Organization, who reported the breaches, did not disclose the names of the affected cannabis businesses but noted that the two companies had worked together. This suggests that the computers of the second company may have been infected through a local network. Given that two cannabis firms were targeted in a short period, experts believe hackers are focusing on the cannabis industry, and the number of victims may increase in the future. To improve cybersecurity, experts recommend using a collective security system rather than trying to fend off attacks individually.
Criminals Could Disrupt the Cannabis Industry
The largest cyberattack on the cannabis sector occurred in 2022, when hackers managed to breach the computers of Domain Logistics, a logistics company responsible for delivering cannabis products for the Ontario Cannabis Store. The Ontario Cannabis Store was the sole wholesale supplier of cannabis to retail stores in the Canadian province of Ontario. When Domain Logistics’ computers went down, cannabis deliveries to retail outlets stopped, resulting in a regional cannabis shortage.
In 2023, ransomware attacks generated a record $1.1 billion in revenue for their creators, nearly double the amount from 2022 and the first time the figure has exceeded $1 billion. Victims of these extortion attacks included hospitals, schools, government agencies, the British Broadcasting Corporation (BBC), British Airways, and many other businesses. MGM Resorts International, which owns hotels and casinos in several countries, was also attacked but refused to pay the ransom, suffering losses of over $100 million.