The world’s largest beef supplier has been hit with a ransomware attack, threatening some of the U.S. meat supply.
The hack came less than four weeks after a similar one by Russian criminals against Colonial Pipeline, a major U.S. fuel supplier, prompted Colonial to shut down pipeline activity for five days and led to shortages at some gas stations.
JBS, one of the world’s largest international meat processors, was hacked Sunday, the company said in an email, forcing the company to take systems offline and stop work in North America and Australia.
The company maintains 11 beef processing facilities in Australia and 26 chicken processing plants in the U.S.
At least six JBS locations in the U.S. posted on their respective Facebook pages for workers to not come in Tuesday, an NBC review of their posts found.
One such post, from JBS’s beef processing plant in Grand Island, Nebraska, wrote: “Team member: This weekend our company was the target of a cyberattack that has impacted our IT systems. As a result, we will not operate tomorrow. ONLY MAINTENANCE AND SHIPPING ARE SCHEDULED TO WORK.”
JBS-owned Pilgrim’s Pride, one of the U.S.’s largest chicken producers, didn’t respond to request for comment. But at least one of its processing plants, in Arcadia, Wisconsin, canceled its night shift on Monday because of “IT issues,” according to a post on that location’s Facebook page.
The company told the White House on Sunday that it was a ransomware attack, principal deputy press secretary Karine Jean-Pierre told reporters Tuesday.
“The White House has offered assistance to JBS, and our team, and the Department of Agriculture, have spoken to their leadership several times in the last day,” Jean-Pierre said. “JBS notified the administration that the ransom demand came from a criminal organization, likely based in Russia. The White House is engaging directly with the Russian government on this matter, and delivering the message that responsible states do not harbor ransomware criminals.”
Ransomware, an extremely lucrative type of cybercrime, is malicious software that lets hackers encrypt a victim’s files and demand a ransom to make them functional again. Sometimes, the hackers will steal and threaten to publish those files if their demands aren’t met.
Ransomware attacks have grown rapidly in recent years. Criminal hackers, often based countries like Russia where they are largely protected from U.S. law enforcement, have targeted practically every major industry to shake down victims for payment.
Allan Liska, a ransomware analyst at the cybersecurity company Recorded Future, said in a text message that about 40 food and beverage companies around the world have had confirmed ransomware attacks since May 2020.
Colonial’s hackers, an established ransomware gang called DarkSide, shut down its website amid international attention from that attack, but not before receiving a $4.4 million payment from Colonial.
But a number of other ransomware gangs are still active, and regularly hit manufacturers, school systems and city governments.
Winston Wilde contributed.