WASHINGTON — JBS, the world’s largest meat processor, was the target of a ransomware attack, the White House said Tuesday, in what company officials believe to be an extortion attempt perpetrated by a criminal group likely based in Russia.
Cyberattacks have become commonplace, but the hack against JBS is the latest high-profile incident to highlight the massive vulnerability of corporations, government agencies, and civil society groups, as suspected foreign hackers become more brazen in their demands.
JBS said in a news release that it detected the intrusion on its computer networks in North America and Australia on Sunday, but that its backup servers were not affected. The company, which is working with an outside cybersecurity firm to restore its systems, said it is unaware of any evidence the attackers compromised or misused data tied to its customers, suppliers, or employees. JBS said work on a resolution “may delay certain transactions with customers or suppliers.“
JBS did not immediately respond to a request from The Washington Post for comment.
JBS said it notified the White House of the ransomware attack on Sunday and followed up with the administration the next day to say that the ransom demand came from a criminal group, likely tied to Russia, according to deputy White House press secretary Karine Jean-Pierre, who spoke to reporters aboard Air Force One on Tuesday. “The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,“ Jean-Pierre said.
The FBI is investigating the attack and the US Department of Agriculture has reached out to several major meat processors to alert them of the situation. Officials are assessing the cyberattack’s effect on the nation’s meat supply, she said, as the administration works to mitigate its impact.
President Biden had already launched a “rapid strategic review“ to address the increased threat of ransomware, to include building a global coalition to hold countries who harbor ransomware criminals accountable. It builds on an executive order Biden signed last month to reduce the risk of cyberattacks against the federal government, including ransomware — an effort the administration would like to see extend to the private sector.
Food production is one of the nation’s 16 critical infrastructure sectors, as defined by the Department of Homeland Security.
“Food processing has been a target for ransomware actors,“ said Allan Liska, senior intelligence analyst at the cyber firm Recorded Future. “We know of at least 40 that have been publicly reported over the last year, and the number is probably significantly higher than that.“
The cyberattack is the latest to target a crucial supply chain or large institution. Three weeks ago, the Colonial Pipeline hack disrupted a key piece of the East Coast’s fuel infrastructure, setting off panic buying and temporary gasoline shortages across several states and in the nation’s capital.
Hackers walked away from the ransomware attack with $4.4 million, according to Colonial Pipeline’s chief executive, Joseph Blount. Federal officials have linked the attack to a Russia-based black hat group called DarkSide that researchers say has extracted $46 million in ransom payments this year alone. Despite the controversial decision to pay off bad actors, which may incentivize them to pursue even more attacks, Blount described the payment as “the right thing to do for the country,“ given the critical importance of his company’s infrastructure.
The need to better secure the nation’s supply chains prompted the Department of Homeland Security last month to issue security directives to regulate the pipeline industry for the first time.
The average payment handed over to end a ransomware attack — like the kind that brought down Colonial — more than doubled in 2020 to $312,000, compared with the year prior, according to the cybersecurity company Palo Alto Networks.
A breakdown in the food supply chain emerged as an early flash point during the initial spread of the coronavirus last year. As the outbreak tore through meatpacking factories, hundreds of workers fell ill, forcing slaughterhouses owned by Tyson, Smithfield Foods, and JBS USA to shutter.
JBS sent a text alert to workers at their Greeley, Colo., plant — the company’s largest facility — Monday night informing them to not show up for their shifts on Tuesday morning, according to a union representative. Nearly 3,000 workers at the plant were affected by the closing.
Five of JBS’s largest beef plants in the United States have ceased processing, Bloomberg reported, knocking out almost one-fifth of the country’s beef production capacity.
“It’s piling up bad news on top of bad news,“ said Don Close, senior animal protein analyst for Rabobank.
Months of shutdowns and plant slowdowns due to the public health crisis created a backlog for suppliers. Amplifying the logjam, producers weren’t able to ship enough cattle. Combined with labor shortages in the meatpacking industry and surging export and domestic demand, prices for beef and pork are surging.
As of April, the UN’s Food and Agriculture Organization has recorded seven consecutive months of rising meat prices globally. Prices in April were 5.1 percent higher than a year ago. In the United States, prices continue to climb even after consumers saw the sharpest increases in meat, poultry, fish and egg prices in nearly 50 years at the onset of the pandemic.
JBS is the top beef producer in the United States and the No. 2 producer of pork and poultry, according to its website. It is the largest meat and food processing company in Australia.