Systems coming back online, meatpacker JBS blames Russia
Brazil’s JBS SA has told the US government that a ransomware attack on the company that disrupted meat production in North America and Australia originated from a criminal organisation likely based in Russia, the White House says.
JBS, the world’s largest meatpacker, said on Tuesday night it had made “significant progress in resolving the cyberattack”.
The “vast majority” of the company’s beef, pork, poultry and prepared foods plants would be operational on Wednesday, according to a statement, easing concerns over rising food prices.
The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the US southeast.
JBS halted cattle slaughter at all its US plants on Tuesday, according to union officials. On Monday, the attack caused Australian operations to shut down.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” JBS USA chief executive Andre Nogueira said.
With North American operations headquartered in Greeley, Colorado, JBS controls about 20 per cent of the slaughtering capacity for US cattle and hogs.
White House spokeswoman Karine Jean-Pierre said the United States contacted Russia’s government and that the FBI was investigating.
“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” Jean-Pierre said.
Ongoing shutdowns of JBS plants would threaten to raise meat prices further for American consumers during summer grilling season and to disrupt meat exports at a time of strong demand from China.
The US Department of Agriculture contacted several major meat processors to encourage them to keep supplies moving and slaughter additional livestock when possible.
The agency also urged meatpackers to make their IT and supply-chain infrastructure more durable.
Federal agencies including the USDA and Department of Homeland Security were closely monitoring meat and poultry supplies, a White House official said. The agencies were also working with agricultural processors to ensure no price manipulation occurred as a result of the cyberattack.
JBS said it suspended all affected systems, notified authorities and that backup servers were not affected. A representative in Sao Paulo said there was no impact on Brazilian operations.
The company said Sunday’s cyberattack affected its North American and Australian IT systems and “resolution of the incident will take time, which may delay certain transactions with customers and suppliers”.
US beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers. Any further impact on consumers would depend on how long JBS plants remain closed, analysts said.
JBS Beef in Cactus, Texas, said on Facebook there would be no production for fabrication, slaughtering or rendering on one shift on Wednesday. Another shift will have regular start times for employees.
An early shift was also cancelled on Wednesday at JBS’ beef plant in Greeley after the cyberattack, but a later shift was scheduled to resume normally, representatives of the United Food and Commercial Workers International Union Local 7 said.
A pork plant in Ottumwa, Iowa, would have no “harvest production” on its first or second shifts on Wednesday, according to a Facebook post that said the company was “continuing to work through our IT issues”.
JBS Canada said in a Facebook post that it operated a shift at its beef plant in Brooks, Alberta, on Tuesday, after cancelling shifts earlier in the day and on Monday.
During the past few years, ransomware has evolved into a pressing national security issue. A number of gangs, many of them Russian speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.
Get the latest news from thewest.com.au in your inbox.
Sign up for our emails