(Sioux City Journal) – A ransomware attack on the world’s largest meat processing company is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline.
JBS SA of Brazil notified the U.S. of a ransom demand from a criminal organization likely based in Russia, White House principal deputy press secretary Karine Jean-Pierre confirmed Tuesday. She said the White House and the Department of Agriculture have been in touch with the company several times this week.
JBS is the second-largest producer of beef, pork, and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.
JBS has extensive facilities in the U.S., including three processing plants in Iowa; Council Bluffs, Marshalltown, and Ottumwa, along with plants in Omaha and Grand Island, Nebraska.
The Western Iowa Labor Federation told the Council Bluffs Nonpareil on Tuesday the Council Bluffs plant was not organized. Attempts to reach leaders at the plant weren’t immediately successful.
Sen. Joni Ernst, an Iowa Republican, tweeted on Tuesday that, “my staff and I are closely following the JBS cyberattack. As details emerge, let’s get our facilities back online as soon as possible and work to ensure those responsible are held accountable.”
Rep. Randy Feenstra, an Iowa Republican who represents the northwest corner of the state, also said he is monitoring the situation.
“This is very concerning, and I’ll be keeping a close eye on how this will impact beef prices & the cattle market moving forward,” Feenstra tweeted.
In a statement, JBS said the cyberattack affected servers supporting its operations in North America and Australia. The company said it notified authorities and engaged third-party experts to resolve the problem as soon as possible. Backup servers weren’t affected.
Malone said the disruption could further raise meat prices ahead of summer barbecues. Even before the attack, U.S. meat prices were rising due to coronavirus shutdowns, bad weather, and high plant absenteeism. The U.S. Department of Agriculture has said it expects beef prices to climb 1% to 2% this year, poultry as much as 1.5%, and pork between 2% and 3%.
JBS didn’t say which of its 84 U.S. facilities were closed Monday and Tuesday because of the attack. But a union official confirmed that two shifts at the company’s largest U.S. beef plant, in Greeley, Colorado, were canceled Tuesday.
Some plant shifts in Canada were also canceled Monday and Tuesday, according to JBS Facebook posts.
In Australia, thousands of meat plant workers had no work for a second day Tuesday, and a government minister said it might be days before production resumes. JBS is Australia’s largest meat and food processing company, with 47 facilities across the country including slaughterhouses, feedlots, and meat processing sites.
The closures reflect the reality that modern meat processing plants are heavily automated, for both food and worker-safety reasons. Computers collect data at multiple stages of the production process, and orders, billing, shipping, and other functions are all electronic.
JBS has not stated publicly that the attack was ransomware.
Jean-Pierre said the White House “is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.” The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.
In addition, USDA has spoken to several major meat processors in the U.S. to alert them to the situation, and the White House is assessing any potential impact on the nation’s meat supply.
JBS has more than 150,000 employees worldwide.
Washington D.C.-based Animal Wellness Action, an animal welfare group, said in a statement the attack, “underscores the need to break up the ‘big four’ packers and stop the monopolization and globalization of industrial agriculture.
“The cyberattack on JBS … underscores the need for reform in the marketplace — food safety and security are now at extreme risk and America cannot afford to stand idly by as the U.S. beef market and the food supply is further decimated,” Marty Irby, executive director of the organization, said in a prepared statement.
“We call on the Biden Administration, Attorney General Merrick Garland, and Agriculture Secretary Tom Vilsack to end the monopolization of agriculture in America, not one second can be wasted if we are to secure sustainability and feed the American people. Industrial agriculture has long sacrificed animal welfare, humane working conditions, and the environment for consolidation and big corporate profits, what more must be sacrificed before the federal government wakes up and realizes change must be made?”
It’s not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.
In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.
Ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft, said companies like JBS make ideal targets.
“They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a speedy payout,” Callow said.
Mark Jordan, who follows the meat industry as the executive director of Leap Market Analytics, said the disruption could be minimal assuming JBS recovers in the next few days. Meat processors are used to dealing with delays because of a host of factors, including industrial accidents and power outages, and they make up lost production with extra shifts, he said.
“Several plants owned by a major meatpacker going offline for a couple of days is a major headache, but it is manageable assuming it doesn’t extend much beyond that,” he said.
Jordan said it will help that U.S. meat demand generally eases for a few weeks between Memorial Day and the July 4 Independence Day holiday.
But the attacks can wreak havoc. Last month, a gang of hackers shut down the operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid $4.4 million to the hackers.
Jason Crabtree, the co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, said Marriott, FedEx, and others have also been targeted by ransomware attacks. He said companies need to do a better job of rapidly detecting bad actors in their systems.
“A lot of organizations aren’t able to find and fix different vulnerabilities faster than the adversaries that they’re fighting,”‘ Crabtree said.
Crabtree said the government also plays a critical role and said President Joe Biden’s recent executive order on cybersecurity — which requires all federal agencies to use basic security measures, like multi-factor authentication — is a good start.
(Council Bluffs Nonpareil News Editor Mike Brownlee contributed to this report)