JBS Foods, the world’s largest packaged meat processor, suffered a ransomware cyberattack that forced it to close plants in Australia, Canada and the United States.
The White House said the attack likely came from Russia. JBS Foods stopped slaughtering cattle.
Following the cybersecurity attack that affected some of JBS Foods’ servers supporting IT systems in the countries mentioned above, the company took immediate action, suspending all affected systems, notifying the authorities and activating a protocol to resolve the situation.
Following the incident, the White House said the cyberattack likely originated from a Russian-based organization that issued a ransomware demand for data.
The official further revealed that the FBI is investigating the incident, and the Infrastructure Security Agency (CISA) is providing technical support for JBS Foods to recover from the ransomware attack.
In addition, the U.S. Department of Agriculture (USDA) has been communicating with several major meat processors within the country to ensure they are aware of the incident.
“We again want to draw the attention of organizations – both public and private – to understand the new threat vectors, implement more stringent security policies and controls, invest in proactive threat management and allocate proper budgets for cybersecurity” said Praveen Sengar, CEO at ETEK International Corporation. “Cybersecurity should no longer be seen as a cost center and should be looked as a core to the business with a vision to bring all security investments together and modernize cyber defenses”.
JBS Foods markets beef and pork under the Swift brand through retailers such as Costco Wholesale Corp; it also owns a majority stake in chicken processor Pilgrim’s Pride, which sells organic chicken under the Just Bare brand.
Continued closures of JBS Foods plants are likely to threaten to increase meat prices for U.S. consumers for the upcoming summer season, as well as disrupt meat exports to high-demand geographies, including China.
The cyberattack on JBS Foods follows a large-scale attack on the Colonial Pipeline – the largest pipeline in the United States – which after May 6, 2021, crippled fuel supplies for several days in the North American Southeast.
“Supply chains – which include supply, manufacturing, warehousing, storage, distribution and retail operations – are an intrinsic part of our society and daily lives and are highly sensitive and vulnerable to ransomware attacks,” concluded Praveen Sengar. “Organizations need to assess supply chain risk and ensure that the right controls are implemented across the supply chain.”
It is not enough to contain the attack; corporate leaders must establish a clear plan on the next steps, bearing in mind both financial and legal obligations. Besides, it is strongly recommended defining how to proactively prevent ransomware attacks, including contingency plans, raising user awareness, deploying EDR, centralizing remote work policy deployment and performing threat assessments.