Sunday, June 06, 2021

JBS Canada beef processing facility in Alberta resumes production after cyberattack

CALGARY — The JBS Canada beef processing facility in Alberta has resumed production after a cyberattack that impacted the company’s operations in North America and Australia.
© Provided by The Canadian Press

The JBS Canada facility in Brooks, Alta., employs more than 2,800 people.

Some plant shifts in Canada were cancelled Monday and Tuesday, according to JBS Facebook posts.

The world's largest meat processing company was the target of an organized cybersecurity attack, affecting some of the servers for its North American and Australian IT systems.

It said its backup servers were not affected and that it was not aware of any evidence that any customer, supplier or employee data had been compromised.

The company said Tuesday it was making progress in resuming plant operations in the U.S. and Australia. It said several of its pork, poultry and prepared foods plants were operational as well as the Canadian facility.

JBS notified the Australian government the ransom demand came from the ransomware gang REvil, which is believed to operate in Russia, according to a person familiar with the situation who is not authorized to discuss it publicly.

The attack was the second in a month on critical U.S. infrastructure. Earlier in May, hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid nearly US$5 million to the hackers.

JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.

The JBS plant closures reflect the reality that modern meat processing is heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process; orders, billing, shipping and other functions are all electronic.

It's not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.

Following the incident involving Colonial, Canadian pipeline companies TC Energy and Enbridge said they regularly take precautions, including technology and training to protect their operations from cyberattacks.

Cybersecurity experts say a common way for hackers to penetrate security is to trick employees through emails or texts that allow disruptive software into corporate systems.

A Proofpoint survey of 1,400 chief information security officers from 14 countries, found that email fraud was identified as the top cybersecurity problem for the Canadian CISOs.

Other problems cited by the Canadian respondents to the first-quarter survey was the use of unauthorized devices or software, as well as weak passwords.

This report by The Canadian Press was first published June 2, 2021.

— With files from The Associated Press

The Canadian Press

JBS RESTARTS 

By Nandita Bose and Tom Polansek
© Reuters/Bing Guan FILE PHOTO:  JBS USA Worthington pork plant in Minnesota

WASHINGTON/CHICAGO (Reuters) -JBS SA employees were scheduled to return to U.S. meat plants on Wednesday, a day after the company's beef operations stopped following a ransomware attack.

A notorious Russia-linked hacking group is behind the cyberattack against JBS that disrupted meat production in North America and Australia, a source familiar with the matter said.

Brazil's JBS controls about 20% of the slaughtering capacity for U.S. cattle and hogs, so the plants' reopening should prevent a severe supply chain disruption at a time consumers are already facing high meat prices and general food inflation.

JBS, the world's largest meatpacker, said on Tuesday night it had made "significant progress in resolving the cyberattack."

The "vast majority" of the company's beef, pork, poultry and prepared foods plants will be operational on Wednesday, according to a statement.

The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast.

The cyber gang goes by the name REvil, the source said.

Cybersecurity investigators have previously said they believe some members of the REvil ransomware team are based in Russia. The prolific ransomware group, which is perhaps best known for attacking an Apple Inc supplier named Quanta Computer earlier this year, has previously posted in Russian on cybercrime forums, marketing stolen data.

In the Quanta Computer case, the hackers sent extortion threats and demanded a payment of $50 million for the company to regain access to its systems.

With North American operations headquartered in Greeley, Colorado, JBS sells beef and pork under the Swift brand, with retailers like Costco Wholesale carrying its pork loins and tenderloins.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses have confronted a labor shortage since COVID-19 outbreaks shut down many U.S. meat plants.

JBS also owns most of chicken processor Pilgrim's Pride Co, which sells organic chicken under the Just Bare brand.

The company's operations in Brazil, Mexico and the United Kingdom were not affected by the attack, JBS has said.

JBS canceled an early shift on Wednesday at its beef plant in Greeley, but a later shift was scheduled to resume normally, representatives of the United Food and Commercial Workers International Union Local 7 said in an email.

A JBS beef plant in Grand Island, Nebraska, told its workers on Facebook it would resume normal schedules in all departments.

Chicago Mercantile Exchange (CME) cattle futures rose on Wednesday after tumbling on Tuesday as the JBS plant shutdowns prevented farmers from delivering their cattle to slaughter plants.

Over the past few years, ransomware has evolved into a pressing national security issue. A number of gangs, many of them Russian speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.

(Reporting by Tom Polansek and Caroline Stauffer in Chicago and Nandita Bose in Washingon; editing by Steve Orlofsky and Nick Zieminski)

No comments: