CANBERRA, Australia – (AP) – The world’s largest meat processing company goes back online after a similar incident disrupted production around the world by a cyberattack just weeks after a similar incident caused a U.S. oil pipeline to shut down.
Brazil’s JBS SA announced late Tuesday that it had made “significant progress” in combating the cyberattack and expects the “vast majority” of its plants to go live on Wednesday.
“Our systems are coming back online and we are not sparing resources to combat this threat,” said Andre Nogueira, CEO of JBS USA, in a statement.
The White House had previously announced that JBS had informed the US of a ransom demand from a criminal organization likely based in Russia. White House deputy press secretary Karine Jean-Pierre said the White House and the Department of Agriculture had contacted the company several times this week.
JBS is the second largest producer of beef, pork, and chicken in the United States. If it closed for even a day, the US would lose nearly a quarter of its beef processing capacity, or the equivalent of 20,000 cattle, Trey Malone, assistant professor of agriculture at Michigan State University.
The closings reflect the reality that modern meat processing plants are highly automated for reasons of food and work safety. Computers collect data at multiple stages in the production process, and orders, invoices, shipping, and other functions are all electronic.
JBS, which has not publicly stated that the attack was ransomware, said the cyber attack affected servers that support its operations in North America and Australia. Backup servers were not affected and it is not known that customer, supplier or employee data has been compromised.
JBS plants in Australia resumed restricted operations on Wednesday in the states of New South Wales and Victoria, said Agriculture Secretary David Littleproud. The company hoped to resume operations in the state of Queensland on Thursday, he said.
JBS is the largest meat and food processing company in Australia with 47 facilities including slaughterhouses, feedlots and meat processing facilities.
Littleproud said his department and Australian law enforcement agencies would meet with their counterparts in the United States on Wednesday.
Even before the attack, US meat prices rose due to coronavirus shutdowns, bad weather and high levels of absenteeism in the factories. Malone said the disruption could further increase meat prices before the summer barbecues. The US Department of Agriculture estimates that beef prices will increase by 1 to 2% this year, poultry by 1.5% and pork by 2 to 3%.
JBS, the majority shareholder of Pilgrim’s Pride, did not say which of its 84 U.S. facilities closed Monday and Tuesday due to the attack. JBS USA and Pilgrim’s were able to ship meat from almost every facility on Tuesday. The company also said it was making progress in resuming operations in the US and Australia. Several of the company’s pork, poultry and ready-to-eat meals were up and running on Tuesday and the Canadian beef factory resumed production, it said.
Early Tuesday, a union official confirmed two shifts at the company’s largest US beef plant in Greeley, Colorado, had been canceled. According to JBS Facebook posts, some factory shifts in Canada were also canceled on Monday and Tuesday.
Jean-Pierre said the White House “is liaising directly with the Russian government on this matter and sending the message that responsible states do not harbor ransomware criminals”. The FBI is investigating the incident and the Cybersecurity and Infrastructure Security Agency offers technical assistance to JBS.
In addition, the USDA has spoken to several large meat processors in the US to alert them to the situation, and the White House is assessing the potential impact on the country’s meat supply.
JBS employs more than 150,000 people worldwide.
It’s not the first time a ransomware attack has been targeted on a food company. Last November, the Milan-based Campari Group announced that it had been the victim of a ransomware attack that caused a temporary technology failure and compromised some business and personal information.
In March, Molson Coors announced a cyberattack that affected manufacturing and shipping. Molson Coors said it was able to get some of its breweries up and running in 24 hours; others took several days.
Ransomware expert Brett Callow, a threat analyst at security firm Emsisoft, said companies like JBS are ideal targets.
“They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a quick payout,” said Callow.
Mark Jordan, who oversees the meat industry as executive director of Leap Market Analytics, said the disruption will be minimal as JBS recovers over the next few days. Meat processors are used to delays due to various factors such as work accidents and power outages. They make up for lost production with extra shifts, he said.
“Having multiple lines of a large meat packer going offline for a few days is a big headache, but it’s manageable given that it doesn’t go much further than that,” he said.
Meat demand in the US generally declines for a few weeks between Memorial Day and Independence Day on July 4th.
But such attacks can have devastating consequences. Last month, a gang of hackers shut down the Colonial Pipeline, the largest US fuel pipeline, for almost a week. The closure sparked long lines and panic buying at gas stations across the southeast. Colonial Pipeline confirmed that it paid the hackers $ 4.4 million.
Jason Crabtree, co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, said Marriott, FedEx and others are also targeted by ransomware attacks. He said companies need to do a better job of quickly detecting malicious actors in their systems.
“Many companies are unable to find and fix various vulnerabilities faster than the adversaries they are fighting,” said Crabtree.
Crabtree said the government also played a crucial role, saying President Joe Biden’s latest cybersecurity executive order – which requires all federal agencies to put in place basic security measures like multi-factor authentication – was a good start.
___
Durbin reported from Detroit. AP writer Alan Suderman in Richmond, Virginia and Alexandra Jaffe in Washington contributed.
Copyright 2021 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed in any way without permission.