Cybersecurity: Commodity Market Safety a High Priority – DTN

    Wheat, corn, barley, grain market index. - Photo: Pavel Ignatov

    When it comes to a cyberattack, just how safe are the world’s commodity markets?

    Agricultural futures and cash markets are key components to the daily functioning of the industry, as a whole. Contacted for this article, the Chicago Mercantile Exchange (CME) would not provide anyone from their security team to answer questions regarding the safety of the marketplace. The CME did, however, share a statement and a copy of their annual report for 2020.

    CME reported having 40 global employees on a cyber defense team and nearly 1,500 security incidents successfully managed (in 2020).

    The statement, provided to DTN by spokesperson Laurie Bischel, says CME Group has been advancing systems, resources and processes to protect the company and its data.

    “Our state-of-the-art Cyber Defense Center links virtually to our international operational cybersecurity teams and serves as a hub, allowing us to efficiently manage and quickly investigate thousands of cybersecurity events on a daily basis. CME Group’s Global Information Security team conducts analysis and collaborates to efficiently respond to any systemic events that might threaten our industry and economy.”

    As big as CME is, it bears noting that other “big” entities with cybersecurity teams have already been the target of major attacks in 2021. One of the most frequent names appearing in the list is that of REvil, a suspected hacker group based out of Russia. The group’s name, referring to the malware they created, combines the words “ransomware” and “evil.”


    1. COLONIAL PIPELINE — Ransom paid of $4.4 million in bitcoin; much of that recovered by U.S. law enforcement. Suspected hacker: REvil.

    2. BRENNTAG — A chemical distribution company, paid $4.4 million. Suspected hacker: REvil.

    3. ACER — A computer manufacturer, $50 million ransom. Suspected hacker: REvil.

    4. JBS FOODS — A meat-processing company, paid $11 million. Suspected hacker: REvil.

    5. QUANTA — A computer manufacturer and business partner of Apple, $50 million ransom. Suspected hacker: REvil.

    6. NATIONAL BASKETBALL ASSOCIATION — A hack of confidential data regarding the Houston Rockets, no known ransom paid. Suspected hacker: Babuk.

    7. AXA — A European insurance company, hit after announcing they would stop reimbursing many clients for ransomware payments, no ransom payment made public. Suspected hacker: Avaddon.

    8. CAN — An insurance firm, no ransom payment made public. Suspected hacker: Evil Corp.

    9. CD PROJEKT — A videogame development firm out of Poland, no ransom paid due to backups in place. Suspected hacker: HelloKitty.

    10. KIA MOTORS — A car manufacturer and subsidiary of Hyundai, demand for $20 million ransom not confirmed. Suspected hacker: DoppelPaymer.


    Last in the series: Practical advice to protect you, your family and business from a data breach.

    You can find earlier stories in this series at:

    Victoria Myers can be reached at

    Follow her on Twitter @myersPF

    The Latest

    Send press releases to

    View All Events

    Send press releases to

    View All Events