1. News
June 2, 2021

Ransomware gang demanding pound of flesh from JBS is Russian – White House

By Dean Best

JBS’ operations in North America and Australia have been affected by what the company has called “an organised cybersecurity attack”. The meatpacker’s business in Australia has seen its operations shut down, while production has been hit at sites across the US. The  cybersecurity attack appears to have been carried out by a criminal organisation likely located in Russia, according to the White House.

“JBS notified the administration that the ransom demand came from a criminal organisation likely based in Russia,” a spokesperson for the White House was quoted as saying by Reuters and CNN yesterday (1 June). “The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals.”

Just Food has contacted JBS and the US Department of Agriculture for comment.

On the evening of 31 May local time, a JBS site in Texas posted on Facebook it “will not operate tomorrow”. Yesterday morning local time, the United Food and Commercial Workers International Union Local 7 told Just Food two shifts at JBS’ plant in Greeley, Colorado had been cancelled that day “due to the cyber attack”. Earlier the union said the Greeley plant had one of its shifts “scheduled for a regular production day” on 1 June.

In a statement issued yesterday, JBS’ US arm said it had “determined that it was the target of an organised cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems”.

JBS USA said it had taken “immediate action suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation”.

It insisted its “back-up servers were not affected” and added: “The company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation. Resolution of the incident will take time, which may delay certain transactions with customers and suppliers.”

Later in the day, in a filing with Brazil’s stock market, JBS said its US units JBS USA and Pilgrim’s had said they had made “significant progress in resolving the cyberattack that has impacted the company’s operations in North America and Australia.”

“In the US today, JBS USA and Pilgrim’s were able to ship product from nearly all of its facilities to supply customers. The company also continues to make progress in resuming plant operations in the US and Australia. Several of the company’s pork and poultry plants were operational today and its Canada beef facility resumed production,” the company added.

“Systems are coming back online and JBS USA is not sparing any resources to fight this threat. Given the progress IT professionals and plant teams have made in the last 24 hours, the vast majority of the beef, pork, poultry and prepared foods plants will be operational tomorrow.”

JBS added operations in Mexico and the UK were not impacted by the Russia attack, and were conducting business as normal.

JBS describes itself as “the largest protein producer in the world”. The company processes beef, pork, lamb and chicken, as well as having a presence in the growing meat-alternative market.

As well as in North America and Australia, JBS has operations across multiple countries in Latin America and in Europe, with none in Russia.

In 2020, JBS generated net revenue of BRL270.2bn (US$52.44bn), up 32.1% on a year earlier. Higher tax expenses contributed to a 24.2% drop in net income to BRL4.6bn.

This story was originally published on Just Food, part of the GlobalData network.