Food industry giants JBS is hit by ransomware attack. The US government is already holding the Russian power to account, while it has made few details of the cyberattack public.
Less than a month after the cyberattack against the Colonial Pipeline, the White House is already speaking on a new incident. This time, it is the American, Australian and Canadian sites of JBS, a Brazilian multinational, which have been affected since Sunday, May 30. If the victim did not use the word “ransomware” in his first press release, the American authorities do not hesitate. The Biden government has insisted in recent months on its willingness to fight cybercriminals more aggressively, and this second voice is a powerful sign of that.
“The White House immediately came into contact with the Russian government on this subject, and it carries the message that the responsible states must not serve as a refuge for ransomware criminals,” said spokeswoman Karine Jean-Pierre, reports Wired. As of now, the identity of the gang behind the attack has not yet been released, but we believe it to be once again from Russia.
A Coming Crisis In The Food Industry?
JBS is not a victim like the others. Its name may not speak to you, but it is the world’s largest producer of beef products (over a quarter of the total), and the second largest producer of pork products. The company manages an entire section of the production chain, from the slaughterhouse to processing into ready-to-eat products. It employs over 250,000 people worldwide.
The paralysis of the JBS factories, if it were to drag on forever, could cause real chaos in the food industry. For example, The Record Media reports that at the start of the week, oxen on their way to the slaughterhouse had to be sent back to their farm, and that many factory workers had to stay at home for lack of work. .
The exact extent of the attack is unknown. A ransomware attack takes down any machine it touches, but sometimes the victim’s network is compartmentalized enough, and its reaction is fast enough that they limited the cyber attack to certain areas. Ransomware can paralyze all machines in all factories, such as simply shutting down one of the group’s departments (human resources, for example).
The Hope Of a Rapid Restoration Of Computer Systems
JBS explains that it immediately shut down the systems affected by the ransomware and is now working with outside specialists on resolving the incident. “The backup servers have not been affected, and the company is actively working with an incident response firm to restore its systems as quickly as possible,” says the multinational. This is good news for the victim, since the backups offer him an alternative to paying the ransom (the amount of which we do not know). However, this process can be long (several weeks or even several months) and expensive depending on the extent of the damage.
In the Colonial Pipeline attack, authorities intercepted some of the stolen data, but the victim still paid the ransom, estimated at $5 million. The gang behind the attack, Darkside, withdrew under political pressure, and several industry players kept a low profile for a while. To see if this alternative exit from the White House can reinforce the wind of panic in the sector.