The world’s largest meat supplier has been hit by a cyberattack, with hackers shutting down internal computer systems and forcing the company to suspend parts of its operations in Canada and Australia.
JBS, a Brazilian meat company which operates in 15 countries and employs 250,000 people, announced on Sunday that it had been attacked – weeks after the Colonial Pipeline, transporting fuel from Texas to the East Coast, was shut down by hackers from Russian-based group Dark Side.
That hack caused days of misery for drivers, as fuel pumps ran dry amid panic-buying of gas. A $4.4 million ransom was paid after the May 7 attack, their CEO confirmed.
The announcement of the meat supply hack was made by its USA division, based in Colorado. They did not state whether a ransom was being negotiated.
JBS USA oversees beef and lamb operations in the United States, Canada, Australia and New Zealand – a huge operation that includes 18 beef processing units, six feedlots, two leather units, two lamb units and one pork unit, eight processed food units, nine logistics centers and eight distribution centers in the three countries.
The U.S. was not affected by the hack, Bloomberg reported – but it was unclear whether that was because the plant was shut for Memorial Day.
JBS, the world’s largest meat supplier, said on Sunday that their U.S. division had been hacked. The U.S. itself is not believed to be affected, but Canada and Australia – which are part of the U.S. division – have reported being shut down. Workers are seen at a JBS plant in Lapa, Parana state, in Brazil in March 2017
It is not clear yet who is behind the JBS hack. In early May a Russia-based group took control of Colonial Pipeline and demanded a ransom, and received $4.4 million
In Canada, their beef plant in Brooks, Alberta – around 120 miles east of Calgary – was not operational on Monday, a union representative told Bloomberg.
Scott Payne, spokesman for United Food and Commercial Workers Canada Union Local 401, said: ‘There are no unionized workers there. That means effectively the plant’s operations have shut for the day.’
The JBS packaging facility in Belleville, Ontario – where beef, pork and salmon are prepared for grocery stores – was operating normally, said Tim Deelstra, a spokesman for UFCW Canada Local 175.
In Australia, JBS’s entire beef and lamb kills were cancelled across the nation, affecting facilities in Queensland, Victoria, New South Wales and Tasmania.
JBS said in a statement that the ‘organized cybersecurity attack’ was detected on Sunday, ‘affecting some of the servers supporting its North American and Australian IT systems.’
The entrance to the JBS Australia’s Dinmore meatworks facility, west of Brisbane. JBS operates in 15 countries worldwide, employing 250,000 people
They continued: ‘The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation.
‘The company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible.’
JBS said they did not believe that ‘any customer, supplier or employee data has been compromised or misused as a result of the situation.’
The company warned that delays may be likely.
‘Resolution of the incident will take time, which may delay certain transactions with customers and suppliers,’ they said.
Butchers are seen working in a JBS facility. The company not only provides meat: it also trades in leather, biodiesel and collagen, in addition to running huge packaging facilities
Paul Rosenzweig, a former senior Department of Homeland Security official, told USA Today that the attacks on an oil pipeline and then a meat supplier ‘shows that nothing is safe.’
‘Not the meatpacking industry, not the chemical industry, not the wastewater treatment industry, not Sony. Nothing,’ he said.
‘And the only way to be safe in this world is to unplug completely. And you can’t do that and be economically competitive.’
Rosenzweig, a Cybersecurity and Emerging Threats senior fellow at the non-partisan R Street Institute public policy research organization in Washington, said that the success of the Colonial Pipeline cyberattack has emboldened hackers.
‘Until they actually pay consequences, they’ll keep doing it,’ he said.
‘I mean, the Colonial guys got away with $50 million or whatever it was – not bad for a week’s work.
‘Who knows what the JBS guys might get away with?
‘So long as the internet is a place of anonymity, the criminals will be able to act with impunity.
‘And why would they stop?’