Cyberattack on meat packer may impact meat supply (Timeline)

A cyberattack on a Brazil-based meat processing company hindered meat production.

DAVID ZALUBOWSKI/Associated Press

A worker heads into the JBS meatpacking plant in Greeley, CO. The White House confirms that JBS notified the U.S. government May 30, 2021, of a ransom demand from a criminal organization likely based in Russia.

ROD McGUIRK , Associated Press

CANBERRA, Australia — A ransomware attack on the world’s largest meat processing company is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline.

JBS S.A. of Brazil notified the U.S. of a ransom demand from a criminal organization likely based in Russia, White House principal deputy press secretary Karine Jean-Pierre confirmed Tuesday. She said the White House and the Department of Agriculture have been in touch with the company several times this week.

JBS has extensive facilities in the U.S., including processing plants in Texas and Colorado. Two shifts were canceled Tuesday at JBS’ meatpacking plant in Greeley, Colorado, according to UFCW Local 7, which represents 3,000 workers at the plant.

The local union also has unconfirmed reports from workers that production was down on Monday, according to spokesman Dakar Lanzino. Union representatives met to attempt to get more information from the company, Lanzino said.

JBS has not stated publicly that the attack was ransomware.

Jean-Pierre said the White House “is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.” The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.

In addition, USDA has spoken to several major meat processors in the U.S. to alert them to the situation, and the White House is assessing any potential impact on the nation’s meat supply.

In a statement Sunday, JBS said the cyberattack affected servers supporting its operations in North America and Australia. JBS employs more than 66,000 people at 84 locations in the U.S. and has around 11,000 employees in Australia, where it is the country’s largest meat and food processing company with 47 facilities.

In this May 12, 2020 photo, the company logo sign sits at the entrance of JBS Australia’s Dinmore meatworks facility, near Brisbane. Thousands of Australian meat workers had no work for a second day on Tuesday, after a the attacked crippled the company. A government minister said it might be days before production resumes.

The company said it notified authorities and engaged third-party experts to resolve the problem as soon as possible. Backup servers were not affected.Thousands of Australian meat plant workers had no work for a second day on Tuesday, and a government minister said it might be days before production resumes. This is not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

In March, Molson Coors announced a cyberattack that affected its production and shipping.

Ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft, said companies like JBS make ideal targets.

“They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a speedy payout,” Callow said.

Last month, hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid $4.4 million to the hackers.

Jason Crabtree, the co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, said Marriott, FedEx and others have also been targeted by ransomware attacks. He said companies need to do a better job of rapidly detecting bad actors in their systems.

“A lot of organizations aren’t able to find and fix different vulnerabilities faster than the adversaries that they’re fighting,” Crabtree said.

Crabtree said the government also plays a critical role and that President Biden’s recent executive order on cybersecurity — which requires all federal agencies to use basic security measures, like multi-factor authentication — is a good start.

 

(Visited 145 times, 1 visits today)