Cyber Incident Victim: Miratorg Agribusiness Holding

On or around March 22, 2022, Moscow-based Miratorg Agribusiness Holding suffered a significant cyberattack that encrypted its IT systems using the Windows BitLocker feature. The attack was reported by Rosselkhoznadzor, Russia’s federal veterinary and phytosanitary supervision service, which characterized the incident as an act of sabotage rather than financially motivated ransomware. Attackers compromised the company through VetIS, a state information system used by veterinary services and related businesses, indicating a potential supply chain attack vector. The encryption event disrupted operations across multiple Miratorg subsidiaries, including FATEZHSKAYA YAGNYATINA, BRYANSKY BROYLER, and MIRATORG-KURSK. Rosselkhoznadzor publicly framed the incident as part of a broader "informational and economic 'total war'" allegedly waged by Western entities against Russia. Despite the operational disruption, Miratorg asserted the attack would not impact its meat supply or distribution capabilities to Russian consumers.

Rosselkhoznadzor implemented emergency measures to mitigate the attack’s logistical consequences, temporarily suspending standard documentation requirements and permitting handwritten certificates to maintain supply chain continuity. The agency advised all organizations using VetIS to enhance backup procedures and collaborate to reduce systemic risks. The attack highlighted vulnerabilities in critical agricultural infrastructure, particularly systems interfacing with government platforms. No data theft or extortion demands were reported, aligning with the sabotage assessment. Miratorg’s operational resilience claims contrasted with the need for regulatory intervention to maintain documentation workflows. The incident underscored dependencies on centralized veterinary management systems and their potential as attack vectors against food production entities during geopolitical tensions.