JBS, the world’s largest meat producer, was targeted by a sophisticated cyberattack last weekend. The company’s computer networks were hacked, disrupting production in the US, Canada and Australia. JBS believes a Russian criminal organization was responsible for the ransomware attack, Reuters reported. So how did this happen and why wasn’t JBS better protected against hackers?
First discovered Sunday, May 30th, the JBS cyberattack is the latest in a string of attacks against major companies with important roles in the global economy. The incident follows just weeks after an attack on Colonial Pipeline, America’s largest fuel pipeline, which halted fuel delivery for several days in the southeastern part of the country. This attack was also carried out by a Russian hacking group called DarkSide that walked away with nearly $5 million in ransom.
In a ransomware attack, a victim’s files are encrypted and the attacker typically demands a ransom to restore access to the data upon payment. The victim, JBS in this case, was likely given instructions for how to pay a fee in order to get the decryption key. JBS and other meat-processing players rely on software and IT systems for sorting and tracing animals, as well as record-keeping to meet regulatory standards.
“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” said Karine Jean-Pierre, a spokeswoman from The White House.
Despite JBS’s foothold in the meat market and its size as an international corporation, former director of the US Cybersecurity and Infrastructure Security Agency, Christopher Krebs, warned that no one is safe from cyberattacks of this nature. Krebs added that “everyone is in play” and vulnerable to the kind of international criminal hacking gangs causing havoc through attacks on US local government systems.
As for where the attack left JBS, the company said in a statement that it took immediate action by suspending all affected systems, notifying authorities and activating its global network of IT professionals and third-party experts to resolve the situation. The company’s backup servers were not affected, and JBS is actively working with an incident response firm to restore its systems as soon as possible.
But despite its efforts, the attack took an immediate toll on the company’s operations. Since it shut down its digital record-keeping, JBS was unable to process slaughtered carcasses and was forced to turn to pen-and-paper documentation while the meat remained in the chiller. Some plants were forced to shut down entirely, including the company’s plant in Cactus, Texas and shifts at the company’s largest US slaughterhouse in Greeley, Colorado were also cancelled.
According to Beef Central, “many of those ‘stranded’ carcasses are high-value Wagyu being serviced killed for other supply chains.” However, the attack will also have an impact on meat destined for US consumers, depending on how long the shutdown lasts. The temporary closures caused the US Department of Agriculture (USDA) to delay its reports on livestock and meat prices; however, prices are likely to rise the longer the shutdown lasts.
Senator John Thune of South Dakota said, “Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity.”