Contents:
JBS Foods, the world’s largest meatpacking organization, was forced to shut down production at several sites all over the world following a cyberattack. The attack affected multiple JBS production facilities globally over the weekend, including those from the United States, Australia, and Canada.
The JBS USA stated:
On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems.
JBS S.A. is a Brazilian company that is the largest (by sales) meat processing company in the world, producing factory processed beef, chicken, and pork, and also selling by-products from the processing of these meats.
As stated by the White House yesterday, the sophisticated ransomware attack against Brazil-based JBS S.A. has its origin from a criminal organization most likely based in Russia. The organization confirmed that the attackers requested a ransom payment.
At first, the company didn’t call the cyberattack a ransomware attack, it only suggested that a ransomware group conducted the attack on Monday, saying that the company’s backup servers were not impacted, and it’s actively working with an Incident Response firm to reinstate its systems as quickly as possible.
Meat producer JBS notified us on Sunday that they are the victims of a ransomware attack. The White House has offered assistance to JBS, and our team and the Department of Agriculture have spoken to their leadership several times in the last day. JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia.
White House Principal Deputy Press Secretary Karine Jean-Pierre stated that the White House is engaging directly with the Russian government on this incident and delivering the message that responsible states do not shelter ransomware threat actors.
USDA has reached out to several major meat processors in the United States to ensure they are aware of the situation. We’re assessing any impacts on supply, and the President has directed the administration to determine what we can do to mitigate any impacts as they may become necessary.
The ransomware attack follows the one last month on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the US south-east.
The FBI is investigating the incident and CISA is coordinating with the FBI to offer technical support to the company in recovering from the ransomware attack.