JBS recovers from cybersecurity attack

A cyberattack against JBS Foods underscored the growing threat of ransomware to global enterprises.

Josh Long, Associate editorial director, Natural Products Insider

June 4, 2021

3 Min Read
SupplySide Food & Beverage Journal logo in a gray background | SupplySide Food & Beverage Journal

JBS Foods, one of the world’s largest food companies, announced Thursday that its global facilities were fully operational following a criminal cyberattack a few days earlier affecting its operations in the U.S. and abroad.

The cyberattack underscored the growing threat of ransomware to global enterprises and the potential ripple effects across the economy that can stem from such an attack.

The assault on JBS, The Wall Street Journal reported, shut down production at plants that process nearly a quarter of the beef and a fifth of the pork produced in the U.S. This resulted in higher wholesale meat prices and complicated livestock deliveries from farms, the newspaper said.

JBS, whose brands include Pilgrim’s, said its swift response, strong IT systems and encrypted backup servers allowed the company to make a rapid recovery from the attack, limiting the loss of food produced to less than one days’ worth of production.

“Any lost production across the company’s global business will be fully recovered by the end of next week, limiting any potential negative impact on producers, consumers and the company’s workforce,” JBS stated in a June 3 press release.

The cyberattack affected one of the globe’s biggest food companies. According to JBS’ webpage on its business, it is the world’s leading beef producer and a majority shareholder of Pilgrim’s, the No. 1 poultry producer in the world. The company says it’s also the world’s second-biggest pork producer.

After learning of the attack, JBS said, the company reached out to federal officials and activated its cybersecurity procedures. Those protocols included “voluntarily shutting down all of its systems to isolate the intrusion, limit potential infection and preserve core systems.”

The company disclosed it was able to return to operations sooner than expected due to encrypted backup servers that were not infected during the attack.

“JBS USA and Pilgrim’s prioritized restoring systems critical to production to ensure the food supply chain, producers and consumers were not adversely impacted,” the company added.

In a statement, the Federal Bureau of Investigation blamed the attack on a ransomware-as-a-service (RaaS) operation known as “REvil" or "Sodinokibi” and said it was “working diligently to bring the threat actors to justice.”

“We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable,” the FBI said.

REvil is a RaaS operation—also known as Sodinokibi—that has extorted large sums of money from organizations around the world, according to CSO, a publication that writes about criminal cyberattacks.

The suspected perpetrators have links to Russia, The Washington Post reported.

In the wake of the attack against JBS, the U.S. Department of Agriculture said it had been in touch with agriculture, food and retail organizations to highlight “the importance of maintaining close communication and working together to ensure a stable, plentiful food supply.”

“USDA will continue to encourage food and agriculture companies with operations in the United States to take necessary steps to protect their IT and supply chain infrastructure so that it is more durable, distributed and better able to withstand modern challenges, including cybersecurity threats and disruptions,” the agency said in a statement.

Also this week, an American cybersecurity official, Anne Neuberger, urged corporate executives and business leaders in an open memo to take immediate steps to address the threat of ransomware. 

“The federal government, under the leadership of President Biden, has been stepping up to strengthen the nation’s defenses against cyberattacks, but we can’t do it alone,” White House Press Secretary Jen Psaki said June 3 during a press briefing. “Business leaders have a responsibility to strengthen their cyber defenses to protect the American public and our economy.”

Based on ransomware attacks around the world, Psaki concluded “companies that view ransomware as a threat to their core business operations, rather than a simple risk of data theft, will react and recover more effectively.”

About the Author

Josh Long

Associate editorial director, Natural Products Insider, Informa Markets Health and Nutrition

Josh Long has been a journalist since 1997, holds a J.D. from the University of Wyoming College of Law, and was admitted to practice law in Colorado in 2008. Josh is the legal and regulatory editor with Informa's Health and Nutrition Network, specializing on matters related to Natural Products Insider. Ping him with story ideas at [email protected].

Subscribe for the latest consumer trends, trade news, nutrition science and regulatory updates in the food & beverage industry!
Join 30,000+ members. Yes, it's completely free.

You May Also Like