Home Posts After A Ransomware Attack, JBS Says Most Of Its Meat Plants Will Reopen On Wednesday.
After A Ransomware Attack, JBS Says Most Of Its Meat Plants Will Reopen On Wednesday.

After A Ransomware Attack, JBS Says Most Of Its Meat Plants Will Reopen On Wednesday.

CANBERRA, Australia (AP) — The world's largest meat processing company is resuming operations after a cyberattack disrupted production around the world, just weeks after a similar incident shut down a US oil pipeline.

JBS SA of Brazil announced late Tuesday that it had made "significant progress" in dealing with the cyberattack and that the "vast majority" of its plants would be operational on Wednesday.

“Our systems are returning to service, and we are deploying all available resources to combat this threat,” JBS USA CEO Andre Nogueira said in a statement.

Earlier this week, the White House said JBS notified the US of a ransom demand from a criminal organization most likely based in Russia. White House principal deputy press secretary Karine Jean-Pierre said the White House and the Department of Agriculture had been in contact with the company several times this week.

According to Trey Malone, an assistant professor of agriculture at Michigan State University, if JBS were to close for just one day, the United States would lose nearly a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows.

The closures reflect the fact that modern meat processing plants are heavily automated, for both food and worker safety reasons. Computers collect data at multiple stages of the production process, and orders, billing, shipping, and other functions are all done electronically.

JBS, which has not publicly stated that the attack was ransomware, stated that the cyberattack affected servers supporting its operations in North America and Australia, but not backup servers, and that no customer, supplier, or employee data had been compromised.

JBS plants in Australia resumed limited operations on Wednesday in the states of New South Wales and Victoria, Agriculture Minister David Littleproud said, adding that the company hoped to resume operations in Queensland on Thursday.

JBS is Australia's largest meat and food processing company, operating 47 abattoirs, feedlots, and meat processing plants.

Littleproud stated that his department and Australian law enforcement officials would be meeting with their counterparts in the United States on Wednesday.

Even before the attack, U.S. meat prices were rising due to coronavirus shutdowns, bad weather, and high plant absenteeism, according to Malone, who believes the disruption will raise meat prices even further in time for summer barbecues. The U.S. Department of Agriculture predicts beef prices will rise 1%-2% this year, poultry prices by up to 1.5%, and pork prices by up to 3%.

JBS, a majority shareholder in Pilgrim's Pride, did not specify which of its 84 U.S. facilities were closed Monday and Tuesday as a result of the attack, but it did say JBS USA and Pilgrim's were able to ship meat from nearly all of its facilities on Tuesday. The company also said it was making progress toward resuming plant operations in the United States and Australia.

Earlier Tuesday, a union official confirmed that two shifts at the company's largest beef plant in the United States, in Greeley, Colorado, had been canceled, as had some shifts at JBS's Canadian plants on Monday and Tuesday, according to JBS Facebook posts.

The White House is "engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals," according to Jean-Pierre. The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is providing technical assistance to JBS.

Furthermore, the USDA has notified several major meat processors in the United States of the situation, and the White House is assessing the potential impact on the nation's meat supply.

JBS employs over 150,000 people throughout the world.

It is not the first time a food company has been the target of a ransomware attack. In November, Milan-based Campari Group announced that it had been the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

Molson Coors announced a cyber attack in March that disrupted production and shipping. Molson Coors stated that some of its breweries were back up and running within 24 hours, while others took several days.

According to Brett Callow, a threat analyst at security firm Emsisoft and a ransomware expert, companies like JBS are ideal targets.

“They play an important role in the food supply chain, and threat actors are likely to believe that this increases their chances of receiving a quick payout,” Callow said.

As the executive director of Leap Market Analytics, Mark Jordan, who follows the meat industry, believes the disruption will be minimal if JBS recovers in the next few days. Meat processors are used to delays due to a variety of factors such as industrial accidents and power outages, and they compensate for lost production by working extra shifts, he says.

“Several plants owned by a major meatpacker going offline for a couple of days is a major headache, but it is manageable assuming it does not extend much further,” he said.

Between Memorial Day and the July 4 Independence Day holiday, meat demand in the United States generally decreases for a few weeks.

However, such attacks can be devastating. For example, last month, a gang of hackers shut down the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week, causing long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid the hackers $4.4 million.

According to Jason Crabtree, co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, ransomware attacks have also targeted Marriott, FedEx, and others, and businesses must do a better job of quickly detecting bad actors in their systems.

“A lot of organizations aren't able to find and fix different vulnerabilities faster than their adversaries,” Crabtree said.

Crabtree believes the government must also play a role, and that President Joe Biden's recent executive order on cybersecurity, which requires all federal agencies to use basic security measures such as multi-factor authentication, is a good place to start.

Durbin contributed reporting from Detroit, with assistance from AP Writers Alan Suderman in Richmond, Virginia, and Alexandra Jaffe in Washington.

Leave a Reply

Your email address will not be published, Required fields are marked with *.