JBS meatpacking plants return to business after massive cyberattack | KSTP.com

JBS meatpacking plants return to business after massive cyberattack

Alex Jokich
Updated: June 02, 2021 07:00 PM
Created: June 02, 2021 05:59 PM

JBS meatpacking plants started to get back to business Wednesday after a massive cyberattack shut down operations across the country.

JBS is one of the world's largest meat producers, employing 66,000 people at 84 US locations, including a facility in Worthington, Minnesota.

"JBS USA and Pilgrim's are a critical part of the food supply chain and we recognize our responsibility to our team members, producers and consumers to resume operations as soon as possible," said Andre Nogueira, JBS USA CEO. "Our systems are coming back online and we are not sparing any resources to fight this threat. We have cybersecurity plans in place to address these types of issues and we are successfully executing those plans."

Nogueira said the vast majority of their beef, pork, poultry and prepared foods plants would be operational Wednesday.

The cyberattack on JBS comes just a few weeks after the Colonial Pipeline attack, which led to widespread fuel shortages.

Cybersecurity experts hope other companies will heed the warning.

"These are very effective attacks," said Mark Lanterman, chief technology officer at Computer Forensic Services in Minneapolis.

Lanterman has 28 years of security and forensic experience and previously served as a member of the U.S. Secret Service Electronic Crimes Taskforce.

"Organizations are being held hostage by a piece of malware known as ransomware, which basically encrypts data, making it inaccessible," Lanterman explained. "Organizations like JBS have machinery controlled by computers and these devices don't get weekly software updates. So when organizations are hit with ransomware, a decision is made tactically to just shut down additional computers, even computers that are not infected, in an effort to prevent further spread of that malware. When you shut down these systems, you now lose access to your machinery as well."

The cyberattack on JBS comes at a time when the demand for meat is on the rise due to the summer grilling season. The American Farm Bureau said retailers will likely try to absorb any potential price increases from the "short-term shock" of the shutdowns.
            
Experts believe the quality and safety of the meat should not be impacted by the cyberattack.

The U.S. Cybersecurity and Infrastructure Security Agency said it is working with the FBI to investigate.

"We became aware on Monday of the intrusion affecting JBS and immediately began working with the FBI to understand the intrusion and offer assistance. As this and other recent incidents demonstrate, the threat of ransomware continues to be severe. Ransomware can affect any organization in any sector of the economy. All organizations should urgently review our available resources and implement best practices to protect their networks from these types of threats. Regardless of the ransomware actor or strain, good cyber hygiene is highly effective in reducing the impacts of an intrusion. Our joint advisory released after the Colonial Pipeline attack provides critical guidance for all organizations," said Eric Goldstein, CISA's executive assistant director for cybersecurity.

A person familiar with the investigation said JBS notified the U.S. government the ransom demand came from the ransomware gang REvil, which is believed to operate in Russia. 

The White House issued a warning to Russia Wednesday, urging the country to crack down on cybercriminals.

"We're not taking any options off the table in terms of how we may respond," said White House Press Secretary Jen Psaki.

The White House also urged companies across the country to review their own security practices, especially at a time when dependence on technology continues to grow.

"One thing to always remember is whenever we gain a benefit from technology, we always give up a little bit of security. It's like a balancing act," Lanterman said.

He expects cyberattacks, like the ones on JBS and the Colonial Pipeline, will likely continue.

"These attacks are not going away," Lanterman noted. "I believe, unfortunately, this is how the next wars will be fought, by shutting down power grids, by shutting down water processing plants. I think it is scary and I just hope we put more investment in security."
 


Copyright 2021 - KSTP-TV, LLC A Hubbard Broadcasting Company

Juror responses from Chauvin trial provide window into Potter jury pool

What you need to know about the Kim Potter trial

St. Paul chef burglarized again; suspects seen on surveillance video

2nd military medical response team arrives at Minnesota hospital