IT systems of top Russian meat producer, Miratorg encrypted by threat actors using the Windows BitLocker feature

On Thursday 17^th of March 2022, an announcement by Rosselkhoznadzor, the Russian federal veterinary and phytosanitary supervision service revealed that Miratorg Agribusiness Holding, Moscow-based meat producer and distributor has experienced a cyberattack which resulted in their IT systems being encrypted using the Windows BitLocker feature to encrypt files and therefore having a similar impact of a ransomware attack. Rosselkhoznadzor stated in the announcement that the reason behind the attack appears to be sabotage and not financial as Miratorg is one of Russia’s largest and food suppliers. It is believed that the threat actors compromised Miratorg’s systems by targeting and compromising system known as VetIS which is a state information system for organisations within the veterinary field.

Miratorg has published their own statement on the incident where they stated that they are already working towards resolving the impacts of the incident and restoring the normal functioning of the business. Miratorg also stated that the incident has not affected their supply and shipments to Russian citizens. Although Rosselkhoznadzor has assisted Miratorg in the hope of reducing the impact of the incident by temporarily lifting the strict documentation requirements for the movement of their products. Rosselkhoznadzor has also recommended all companies in Russia which are using VetIS to create backups of their files and databases on non-volatile media.