JBS nears “full capacity” as FBI names Russia cyber attack group
Join Our Newsletter - Get important industry news and analysis sent to your inbox – sign up to our e-Newsletter here
X

JBS nears “full capacity” as FBI names Russia cyber attack group

By Dean Best 03 Jun 2021 (Last Updated June 4th, 2021 08:34)

JBS expects to run its plants at “close to full capacity” today (3 June) as the meat processor recovers from the cyber attack the FBI has pinned on Russian group REvil.

At the weekend, JBS’ operations in North America and Australia were hit by what the company called “an organised cybersecurity attack”. The meatpacker’s business in Australia temporarily saw its operations shut down, while production was affected at sites across the US.

In a statement just after 7pm Eastern Time yesterday, JBS said its JBS USA and Pilgrim’s units “anticipate global operations at near full capacity” today.

“JBS USA and Pilgrim’s continue to make significant progress in restoring our IT systems and returning to business as usual,” Andre Nogueira, the CEO of JBS USA, said. “Today, the vast majority of our facilities resumed operations as we forecast yesterday, including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the US and Australia.

“Given the progress our teams have made to address this situation, we anticipate operating at close to full capacity across our global operations tomorrow.”
JBS reiterated it was “not aware of any evidence at this time that any customer, supplier or employee data has been compromised”.

On Tuesday, a spokesperson for the White House said JBS had told the US government the ransom demand “came from a criminal organisation likely based in Russia”.

In a separate statement yesterday, the FBI announced it had “attributed” the cyber attack on JBS to REvil, a Russia cyber-criminal group also known as Sodinokibi.

The FBI said it was “working diligently to bring the threat actors to justice” and added: “We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private-sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries.”

Among the JBS plants affected in the US is a processing facility in Greeley, Colorado. Just Food understands all three shifts at the factory will run today.

JBS describes itself as “the largest protein producer in the world”. The company processes beef, pork, lamb and chicken, as well as having a presence in the growing meat-alternative market.

As well as in North America and Australia, JBS has operations across multiple countries in Latin America and in Europe.

In 2020, JBS generated net revenue of BRL270.2bn (US$52.44bn), up 32.1% on a year earlier. Higher tax expenses contributed to a 24.2% drop in net income to BRL4.6bn.

David Bicknell, principal analyst for thematic research at UK-based data and analysis group GlobalData, said a “rash of ransomware attacks affecting all industries is proof that hackers remain several steps ahead of the cybersecurity industry”.

Bicknell added: “Ransomware attacks are increasing precisely because attacked companies will, understandably, pay to keep their operations running.

“Food manufacturers should ensure they employ a data back-up and recovery plan for all critical information, and perform and test regular backups to limit the impact of data or system loss and to expedite the recovery process. Keep operating systems and software up-to-date with the latest patches and ensure vulnerable applications and operating systems – the targets of most attacks – are patched with the latest updates.

“This greatly reduces the number of exploitable entry points available to an attacker. It doesn’t mean attacks won’t happen, but it gives you a chance of preventing them.”