A new ransomware attack has been carried out, this one disrupting the world’s largest meat production plant

A new ransomware attack has been carried out, this one disrupting the world’s largest meat production plant
Source: Bing Guan, Reuters
JBS has not stated the total cost of the ransom demanded nor whether it paid it.

  • Earlier in May, a major pipeline was hacked and its information held hostage in a ransomware attack that disrupted the daily lives of millions of Americans.
  • Ransomware attacks have become an increasing threat and the White House has made addressing them a top priority.

So what exactly happened to JBS?

  • Last weekend, Brazil’s JBS, the world’s largest meat processing company, was the victim of a ransomware attack.
  • According to the company’s website, JBS (which stands for José Batista Sobrinho, the initials of the company’s founder) has the “capacity to process more than 200,000 cattle, 500,000 hogs, 45 million chickens and 80,000 small stock (lambs, sheep, goats and veal calves) per week, providing more than 32 billion pounds of product each year to markets in the U.S., Mexico, Canada, Europe, the Middle East, Africa and Asia, among others.”
  • The public was made aware of the ransomware attack after JBS released a statement on May 31.
  • “On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems," the company said in a statement. “Resolution of the incident will take time, which may delay certain transactions with customers and suppliers."
  • The attack halted operations across the United States, Canada and Australia as the company thought about what to do next. The company was ultimately forced to stop 7,000 workers across its Australian operations and up to 3,000 workers in Canada and the US from working so the issue could be addressed.

Is this the same group that attacked the Colonial Pipeline last month?

  • Actually, no, but both groups are based out of Russia which is a growing concern for the White House.
  • The Federal Bureau of Investigation (FBI) accused a hacker group that calls itself DarkSide of being the primary entity responsible for the ransomware attack on the Colonial Pipeline.
  • The FBI attributed this most recent attack on JBS SA to a criminal organization known as REvil, a Russian gang that has made some of the largest ransomware demands on record in recent months.
  • In April 2021, REvil stole secret hardware plans for upcoming, unreleased Apple products. REvil threatened to release the plans publicly unless they received US$50 million.

How did the JBS attack get resolved?

  • As of today, the company is back to full production, but it expects significant delays to occur for the next few days as it works to catch up.
  • The company has not stated the total cost of the ransom nor whether it paid it.
  • Some believe that JBS paid the ransom since REvil has not uploaded information regarding the ransomware attack, which the organization usually does when the ransom either hasn’t been paid or negotiations are at a standstill.

Why does this matter?

  • Trey Malone, an assistant professor of agriculture at Michigan State University, said that shutting down JBS for only one day could have halted up to 25% of the US’ beef-processing capacity. That’s around 20,000 cows.
  • Cybersecurity attacks are growing more frequent and there’s no telling the effect the next cyberattack could have on the average individual.
  • There are currently more attacks taking place than national news sources can keep up with, including cyberattacks on transportation, health care and now the food industry.

How can these attacks be stopped?

  • Since these attacks are mostly coming from Russian organizations, the Biden administration has been vocal about who it thinks is responsible.
  • White House press secretary Jen Psaki said that President Joe Biden believes that Russian President Vladimir Putin has a responsibility to handle these growing attacks.
  • “I can assure you that we are raising this through the highest levels of the US government," Psaki said. “The president certainly believes that President Putin has a role to play in stopping and preventing these attacks."

Have a tip or story? Get in touch with our reporters at tips@themilsource.com