world

U.S. says ransomware attack on meatpacker JBS likely from Russia

12 Comments
By Tom Polansek and Jeff Mason

The White House said on Tuesday that Brazil's JBS SA has informed the U.S. government that a ransomware attack against the company that has disrupted meat production in North America and Australia originated from a criminal organization likely based in Russia.

JBS is the world's largest meatpacker and the incident caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several U.S. states.

The ransomware attack follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. Southeast.

White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia's government about the matter and that the FBI is investigating.

"The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day," Jean-Pierre said.

"JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals," Jean-Pierre added.

JBS sells beef and pork under the Swift brand, with retailers like Costco carrying its pork loins and tenderloins. JBS also owns most of chicken processor Pilgrim's Pride Co, which sells organic chicken under the Just Bare brand.

If the outages continue, consumers could see higher meat prices during summer grilling season in the United States and meat exports could be disrupted at a time of strong demand from China.

The disruption to JBS's operations have already had an impact, analysts said. U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22% from a week earlier and 18% from a year earlier, according to estimates from the U.S. Department of Agriculture. Pork processors slaughtered 390,000 hogs, down 20% from a week ago and 7% from a year ago.

JBS said it suspended all affected systems and notified authorities. It said its backup servers were not affected.

"On Sunday, May 30, JBS USA determined that it was the target of an organised cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems," the company said in a Monday statement.

"Resolution of the incident will take time, which may delay certain transactions with customers and suppliers," the company's statement said.

The company, which has its North American operations headquartered in Greeley, Colorado, controls about 20% of the slaughtering capacity for U.S. cattle and hogs, according to industry estimates.

"The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments," said threat researcher John Hultquist with security company FireEye.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers.

The cyberattack on JBS could push U.S. beef prices even higher by tightening supplies, said Brad Lyle, chief financial officer for consultancy Partners for Production Agriculture.

Any impact on consumers would depend on how long production is down, said Matthew Wiegand, a risk management consultant and commodity broker at FuturesOne in Nebraska.

"If it lingers for multiple days, you see some food service shortages," Wiegand added.

Two kill and fabrication shifts were canceled at JBS's beef plant in Greeley due to the cyberattack, representatives of the United Food and Commercial Workers International Union Local 7 said in an email. JBS Beef in Cactus, Texas, also said on Facebook it would not run on Tuesday.

JBS Canada said in a Facebook post that shifts had been canceled at its plant in Brooks, Alberta, on Monday and one shift so far had been canceled on Tuesday.

A representative in Sao Paulo said the company's Brazilian operations were not impacted.

The United States Cattlemen's Association, a beef industry group, said on Twitter that it had reports of JBS redirecting livestock haulers who arrived at plants with animals ready for slaughter.

Last year, cattle and hogs backed up on U.S. farms and some animals were euthanized when meat plants shut due to COVID-19 outbreaks among workers.

A JBS beef plant in Grand Island, Nebraska, said only workers in maintenance and shipping were scheduled to work on Tuesday due to the cyberattack.

U.S. congressman Rick Crawford, an Arkansas Republican, called for a bipartisan effort to secure food and cyber security in the wake of the cyberattack.

"Cyber security is synonymous with national security, and so is food security," Crawford wrote on Twitter.

Over the past few years, ransomware has evolved from one of many cybersecurity threats to a pressing national security issue with the full attention of the White House.

A number of gangs, many of them Russian-speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again. An increasing number of the gangs, and affiliates who break into some of the targets, now demand additional money not to publish sensitive documents they copied before encrypting.

In addition to diplomatic pressure, the Biden White House is taking steps to regulate cryptocurrency transfers and track where they are going.

© Thomson Reuters 2021.

©2021 GPlusMedia Inc.

12 Comments
Login to comment

In addition to diplomatic pressure, the Biden White House is taking steps to regulate cryptocurrency transfers and track where they are going.

biden has utterly failed in doing anything to prevent cyber espionage and crime. He can only give payoffs to the criminals who have shutdown critical infrastructure. The incompetence permeates his administration and has infected the Defense Department and Homeland Security. One hopes that he will eventually recognizes his failures and changes course.

-8 ( +1 / -9 )

biden has utterly failed in doing anything to prevent cyber espionage and crime.

Oh of course I imagine you judge said last president even more harshly, seeing that he not only didn't do anything to "prevent cyber espionage and crime", but actually publicly welcomed it??

He can only give payoffs to the criminals who have shutdown critical infrastructure. 

Can you give us examples of payoffs Biden gave to criminals? Because up until now private companies have been hacked and gave payoffs, not governmental agencies.

2 ( +3 / -1 )

He can only give payoffs to the criminals who have shutdown critical infrastructure. 

No. That is not only all he can do, it is what he's not doing. Hunting down cybercriminals is difficult - where are they based? Belarus? - but doing so is crucial to stopping the problem. The criminals may not be apprehended, but they'll be monitored prevented from stepping foot outside of their country. And that's deterrence.

4 ( +5 / -1 )

JBS also owns most of chicken processor Pilgrim's Pride Co, which sells organic chicken under the Just Bare brand.

Processed media alert: It sells a helluva lot more than organic chicken, from the finger lickin' stuff to that warehouse chain's rotisseries.

Processed media is to politics what processed food is to Big Pharma.

-1 ( +2 / -3 )

He can only give payoffs to the criminals who have shutdown critical infrastructure. 

For example? I hope you aren’t referencing the Colonial pipeline because that would be misinformation.

-1 ( +2 / -3 )

"A number of gangs, many of them Russian-speakers"

I hope peole realise that 'Russian-speaker' does not necessarily mean 'from Russia'.

And again with the completely unconfirmed but "highly likely"??? Give me a break.

-1 ( +3 / -4 )

biden has utterly failed in doing anything to prevent cyber espionage and crime. He can only give payoffs to the criminals who have shutdown critical infrastructure. The incompetence permeates his administration and has infected the Defense Department and Homeland Security. One hopes that he will eventually recognizes his failures and changes course.

It's becoming very clear what Russia and China are doing. They are launching a concerted, coordinated cyber attack on US infrastructure, to cause economic disruptions - that their disinformation campaigns then blame on President Biden.

The US far-right media machine assists in this disinformation campaign, either by being complicit in it or just easily manipulated.

The goal is clear - help get Trump re-elected or an equivalent authoritarian-friendly Repub. They'd prefer Trump since he was so easily duped - and caused so much harm to American interests.

This post above is just one clear example of this collusion.

0 ( +4 / -4 )

The US far-right media machine assists in this disinformation campaign, either by being complicit in it or just easily manipulated.

Then the rightists claim their big lies are covered by free speech, just like they claim revenge porn is also covered. No question in my mind Russia, China Iran and OTHEr STaTES IN THEIR NTI-DEMOCRacy ORBIT HAVE HIDDEN UNDER 'WESTERN' FREE SPEECH LAWS WHILE TRYING TO UNDERMINE DEMOCRacies and weaken free speech for thos from Not surprising US Republicans nd others in the US far right have followed suit. While the US far right join forces with China (see Steeve Bannon) in pushing intentional misinformations. While making Bannon etal richer, doubtful Biden will pardon Bnnon like 45 did.

1 ( +3 / -2 )

PS, ransomware is a 'give us your money we'll give you your data'.

Sanctions are 'give us your obedience we'll give you your money' which sounds like an even bigger crime, doesn't it.

1 ( +3 / -2 )

Does anyone else miss the days when Trump used to be a Putin apologist for the American media?

Now we have to listen to them trash talk Putin, and he's got no one to defend him.

Poor Putin.

-2 ( +1 / -3 )

What's Russia doing to investigate these crimes and arrest the perpetrators?

Being infamously reknowned as a wild-wild-west of the internet doesn't give Russia and its tech companies a good reputation in the marketplace. Many people don't trust software that come out of Russia because they don't know if the company behind it can be trusted, or if they're in cahoots with cyber-criminal gangs that can exploit it

When's the last time Russia went after cyber-criminal gangs?

1 ( +1 / -0 )

Folks JBS is a Brazilian company operating in multiple countries. We see effects not just in the US from this ransomware but also Canada and Australia. There is little or nothing the US could do on its own to deter such attacks. It has to be a cooperative effort across all the developed nations to coax or coerce firms operating across international borders to take adequate cyber security precautions in all of their divisions. The US cannot force a company headquartered in Brazil to take specific precautions on their IT system in Brazil.

-1 ( +0 / -1 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites