Meat producer ransomware attack disrupts global production

A ransomware attack on the world’s largest meat processing company is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline.

JBS SA of Brazil notified the U.S. of a ransom demand from a criminal organization likely based in Russia, White House principal deputy press secretary Karine Jean-Pierre confirmed on June 1. She said the White House and the Department of Agriculture have been in touch with the company several times this week.

JBS has extensive facilities in the U.S., including processing plants in Texas and Colorado. Two shifts were canceled on June 1 at JBS’ meatpacking plant in Greeley, Colorado, according to UFCW Local 7, which represents 3,000 workers at the plant.

JBS has not stated publicly that the attack was ransomware.

Jean-Pierre said the White House “is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.” The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.

In addition, USDA has spoken to several major meat processors in the U.S. to alert them to the situation, and the White House is assessing any potential impact on the nation’s meat supply.

In a statement on May 30, JBS said the cyberattack affected servers supporting its operations in North America and Australia. The company said it notified authorities and engaged third-party experts to resolve the problem as soon as possible. Backup servers weren’t affected.

Thousands of Australian meat plant workers had no work for a second day on June 1, and a government minister said it might be days before production resumes. JBS is Australia’s largest meat and food processing company, with 47 facilities across the country including abattoirs, feedlots and meat processing sites.

JBS employs more than 66,000 people at 84 locations in the U.S. It has around 11,000 employees in Australia.

It’s not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

In March, Molson Coors announced a cyber attack that affected its production and shipping.

Ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft, said companies like JBS make ideal targets.

“They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a speedy payout,” Callow said.