JBS meat processing reopens plants after cyberattack
The company is returning to regular operations after the attack, which may be the largest on a food company yet.
June 2, 2021
CANBERRA, Australia — The world’s largest meat processing company has resumed most production after a weekend cyberattack, but experts say the vulnerabilities exposed by this attack and others are far from resolved.
JBS told the federal government the ransom demand came from the ransomware gang REvil, which is believed to operate in Russia, according to a person familiar with the situation who is not authorized to discuss it publicly.
JBS hasn’t addressed the ransom demand in its public statements. Phone and email messages seeking comment were left with the company Wednesday.
JBS said late Tuesday that it had made “significant progress” in dealing with the cyberattack and expected the “vast majority” of its plants to be operating Wednesday. The attack affected servers supporting JBS’ operations in North America and Australia. Backup servers weren’t affected and the company said it was not aware of any customer, supplier or employee data being compromised.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” Andre Nogueira, CEO of JBS USA, said in a statement.
FBI Statement on JBS Cyberattack https://t.co/jGe1LXfbmY pic.twitter.com/gyPSCHmAob
— FBI (@FBI) June 2, 2021
Ransomware expert Allan Liska of the cybersecurity firm Recorded Future said the attack on JBS was the largest yet on a food manufacturer. But he said hackers have targeted at least 40 food companies over the last year.
Food companies, Liska said, are at “about the same level of security as manufacturing and shipping. Which is to say, not very.”
The attack was the second in a month on critical U.S. infrastructure. In May hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week.
JBS is the second-largest producer of beef, pork and chicken in the U.S.
Principal deputy press secretary Karine Jean-Pierre said Tuesday the White House “is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.” The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.