Meat plant shutdowns spread after cyber attack on JBS
Cyberattack believed to have originated in Russia
An American subsidiary of Brazilian meat processor JBS told the US government that it has received a ransom demand in a cyber attack it believes originated in Russia, forcing some plants to cut production.
JBS received the demand from "a criminal organisation likely based in Russia" following an attack that has affected its operations in Australia and North America, White House spokeswoman Karine Jean-Pierre said on Tuesday.
The White House statement comes as yet another major US sector finds its operations under duress about a month after a major cyber attack temporarily shut down the Colonial Pipeline network, which supplies about 45 per cent of the fuel to the US east coast.
"The White House has offered assistance to JBS and our team and the Department of Agriculture have spoken to their leadership several times in the last day," Ms Jean-Pierre said.
"The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals."
Brazil-based JBS is a sprawling meat supplier with operations in the US, Australia, Canada, Europe, Mexico, New Zealand and Britain.
"JBS USA determined that it was the target of an organised cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems," the company said in a statement.
JBS said its backup servers were not affected by the incident, but the statement did not offer details on the status of its plants. .
The company's Australian plants were said to have been paralysed by the attack, with up to 10,000 meat workers being sent home without pay, according to a union representative.
"It's affecting JBS processing facilities around [Australia]," Queensland meat industry union branch secretary Matt Journeaux told AFP.
"They have stood down workers across JBS operations."
Mr Journeaux said there was no word yet from the company on when operations would resume.
Several plants in North America were also affected by the incident.
The Facebook page for JBS's Green Bay, Wisconsin plant said there would be no production Monday. Another plant in Utah was also not operating, said a person who answered the phone and declined to give his name.
A plant in Iowa said four departments would not operate on Monday, while remaining units were working normally, according to its Facebook page.
JBS's Canada division cancelled some operations on Monday and early Tuesday, but said on Facebook later in the day that normal production would resume.
The United Food and Commercial Workers local representing workers in Colorado and Wyoming said "kill" and "fabrication" shifts were cancelled on Monday, according to its Facebook page.
Colonial's multi-day shutdown in May sparked panic buying in some eastern states and ended when the company paid $4.4 million in ransom to the hackers.
The online vulnerabilities of US oil conduits led the federal government last week to impose cybersecurity requirements on petroleum pipelines for the first time.
The JBS and Colonial Pipeline incidents follow a 2020 hack of the SolarWinds software company.
Last week, Microsoft said that the state-backed Russian group behind the SolarWinds hack had re-emerged with a series of attacks on government agencies, think tanks and other groups.
"The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats," Homeland Security Secretary Alejandro Mayorkas said on Thursday.
In the US alone, JBS accounts for almost a quarter of all beef capacity and about a fifth of all pork capacity.
Updated: June 2, 2021 12:27 PM