At the weekend, JBS’ operations in North America and Australia were hit by what the company called “an organised cybersecurity attack”. The meatpacker’s business in Australia temporarily saw its operations shut down, while production was affected at sites across the US.

In a statement just after 7pm Eastern Time yesterday, JBS said its JBS USA and Pilgrim’s units “anticipate global operations at near full capacity” today.

“JBS USA and Pilgrim’s continue to make significant progress in restoring our IT systems and returning to business as usual,” Andre Nogueira, the CEO of JBS USA, said. “Today, the vast majority of our facilities resumed operations as we forecast yesterday, including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the US and Australia.

“Given the progress our teams have made to address this situation, we anticipate operating at close to full capacity across our global operations tomorrow.”
JBS reiterated it was “not aware of any evidence at this time that any customer, supplier or employee data has been compromised”.

On Tuesday, a spokesperson for the White House said JBS had told the US government the ransom demand “came from a criminal organisation likely based in Russia”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

In a separate statement yesterday, the FBI announced it had “attributed” the cyber attack on JBS to REvil, a Russia cyber-criminal group also known as Sodinokibi.

The FBI said it was “working diligently to bring the threat actors to justice” and added: “We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private-sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries.”

Among the JBS plants affected in the US is a processing facility in Greeley, Colorado. Just Food understands all three shifts at the factory will run today.

JBS describes itself as “the largest protein producer in the world”. The company processes beef, pork, lamb and chicken, as well as having a presence in the growing meat-alternative market.

As well as in North America and Australia, JBS has operations across multiple countries in Latin America and in Europe.

In 2020, JBS generated net revenue of BRL270.2bn (US$52.44bn), up 32.1% on a year earlier. Higher tax expenses contributed to a 24.2% drop in net income to BRL4.6bn.

David Bicknell, principal analyst for thematic research at UK-based data and analysis group GlobalData, said a “rash of ransomware attacks affecting all industries is proof that hackers remain several steps ahead of the cybersecurity industry”.

Bicknell added: “Ransomware attacks are increasing precisely because attacked companies will, understandably, pay to keep their operations running.

“Food manufacturers should ensure they employ a data back-up and recovery plan for all critical information, and perform and test regular backups to limit the impact of data or system loss and to expedite the recovery process. Keep operating systems and software up-to-date with the latest patches and ensure vulnerable applications and operating systems – the targets of most attacks – are patched with the latest updates.

“This greatly reduces the number of exploitable entry points available to an attacker. It doesn’t mean attacks won’t happen, but it gives you a chance of preventing them.”