Ransomware disrupts world’s largest meat supply company

Share:

Share on facebook
Share on twitter
Share on linkedin

Meat supply globally has been significantly impacted after a ransomware attack struck the world’s largest meat processing company. 

JBS Foods yesterday warned it would take time to recover from an “organised” cyber attack that adversely impacted some of its servers supporting North American and Australian IT systems. 

While backup servers were not impacted, the attack had nonetheless impacted the company significantly.

At last report, JBS was “working actively with an incident response firm and authorities to restore its systems as soon as possible”.

JBS is the world’s biggest meat and food processing company: second in the United States and the leader in Australia. 

It also owns Australia’s largest smallgoods manufacturer, Primo Foods, which has similarly been impacted by the incident. 

JBS is the world’s biggest meat and food processing company: second in the United States and the leader in Australia. 

In Australia, operations were halted at JBS’ meat plants on Monday and Tuesday. It is unclear when production will resume. 

Consumers could be forced to pay more for meat if the outages continues, in the midst of already high prices. Food shortages could also be a result if outages continue. 

The disruption appears to have already had an impact: US production this week was down as much as 22%on the previous.

The meat processor’s Brazilian arm has notified the US government of a ransom demand from criminals it says are likely based in Russia.  

JBS also owns Australia’s largest smallgoods manufacturer, Primo Foods

Ideal Targets

Companies like JBS make ideal targets for ransomware criminals because of the critical role they play in the food chain making the chance of a payout more likely, experts say. 

“The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments,” FireEye threat researcher John Hultquist told Reuters

The level of disruption such targeted attacks can cause was made evident last month when hackers forced the temporary closure of the largest US fuel pipeline.

The ransomware industry has evolved rapidly in recent years from a niche sub-sector of cyber crime into a highly organised, commoditised industry where primarily Russian-based criminals share skills and resources in exchange for a cut of the rewards. 

More sophisticated groups offer ‘ransomware-as-a-service’ to other criminals who may lack the skills to create the malware needed to pull off a ransomware attack. This service often includes technical support as well as assistance negotiating with victims and laundering any financial proceeds. 

Ransomware is now a highly organised, commoditised industry where primarily Russian-based criminals share skills and resources in exchange for a cut of the rewards. 

“Any doofus can be a cybercriminal now,” former hacker Sergei A. Pavlovich told the NYT. “The intellectual barrier to entry has gotten extremely low.” 

Retribution for these attacks is difficult: those operating within the Russian ransomware nerve centre avoid targeting organisations in the same jurisdiction to avoid falling foul local authorities. 

And the Russian government has definitively stated it will not chase local cyber criminals for attacks that take place outside of the country. 

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.