JBS SA, the largest meat producer globally, has made “significant progress” to resolve the cyberattack that impacted its global operations and will have the “vast majority” of its plants operational on Wednesday.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” JBS USA Chief Executive Officer
The cyberattack forced the shutdown of all of JBS’s U.S. beef plants -- facilities that account for almost a quarter of American supplies -- according to an official with the United Food and Commercial Workers International Union, which represents workers at the company’s plants in the U.S. All other JBS meatpacking facilities in the country experienced some level of disruption, according to the official.
The weekend attack on the Sao Paulo-based company’s computer networks also forced shutdowns at slaughter operations across Australia and idled one of Canada’s largest beef plants. It’s unclear exactly how many plants globally have been affected because JBS has yet to release those details. The global shutdowns upended agricultural markets and raised concerns about food security as hackers increasingly target critical infrastructure. Livestock futures slumped, while pork prices rose.
A notorious Russia-linked hacking group is behind the cyberattack against JBS, according to four people familiar with the campaign who were not authorized to speak publicly on the matter. The cybergang goes by the name REvil or Sodinokibi.
While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a dark web blog dubbed, “Happy Blog” to name and shame victims when they decline to engage in ransom negotiations. REvil has yet to post a blog item dedicated to JBS.
The JBS attack comes just three weeks after Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, was targeted in a ransomware attack that was attributed to a group called DarkSide. Experts have said there is some evidence linking the group to Russia. That followed a series of devastating hacks against American government agencies, businesses and health facilities, also often blamed on Russia or Russia-based hackers at a fraught time in relations between the countries.
Meanwhile, the JBS attack is also thrusting America’s system of churning out cheap meat back into the spotlight.
The sector is dominated by a handful of titans -- Tyson Foods Inc., JBS and Cargill Inc. -- which control about two-thirds of America’s beef. Taking down even a few plants can completely disrupt supplies, as seen last year when Covid-19 outbreaks idled plants and sparked meat shortages across the country. The industry is so concentrated that idling the JBS plants meant that the U.S. goverment on Tuesday was prevented from releasing some key
“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity,” said U.S. Senator John Thune of South Dakota, the Senate’s second-most powerful Republican.
There have been more than 40 publicly reported ransomware attacks against food companies since May 2020, said Allan Liska, senior security architect at cybersecurity analytics firm Recorded Future.
So far, it’s unclear what the impact on meat prices will be from this latest attack.
Retailers don’t always like hiking prices on consumers and may try to resist, according to
“How long it goes on will impact to what level consumers start to see something at the grocery stores,” he said in a phone interview.
Livestock producers could see some of the more immediate blow. Chicago cattle futures slumped as much as 3.4% Tuesday, before trimming losses. The slaughterhouse closures are exacerbating an existing supply glut of animals.
JBS is also the owner of Pilgrim’s Pride Corp., the second-biggest U.S. chicken producer. William Callicott, president of the Mid-Atlantic Council of Food Inspection Locals, AFGE, said at least two Pilgrim’s Pride poultry plants in Chattanooga, Tennessee, were closed due to the cyberattack.
UFCW Internatioanl President
JBS owns facilities in 20 countries. Its Canada beef facility has resumed production, the company said. Plants in Cactus, Texas, and Grand Island, Nebraska, were planning to resume at least some operations, according to Facebook posts.
--With assistance from
To contact the reporters on this story:
To contact the editors responsible for this story:
Millie Munshi, Joe Carroll
© 2021 Bloomberg L.P. All rights reserved. Used with permission.