JBS Poised to Reopen Most Meat Plants Hobbled by Cyberattack
[Stay on top of transportation news: Get TTNews in your inbox.]
JBS SA, the world’s largest meat producer, has made “significant progress” to resolve the cyberattack that hit its global operations and will have the “vast majority” of its plants operational June 2.
“Our systems are coming back online, and we are not sparing any resources to fight this threat,” Andre Nogueira, CEO of JBS USA, said in a statement late June 1. A union Facebook post said a shift at Greeley in Colorado was set for a regular production day June 2.
The cyberattack forced the shutdown of all of JBS’ U.S. beef plants, which account for almost a quarter of American supplies, according to an official with the United Food and Commercial Workers International Union, which represents workers at the company’s plants in the U.S. All other JBS meatpacking facilities in the country experienced some level of disruption, according to the official.
The weekend attack on the company’s computer networks forced shutdowns at slaughter operations across Australia and idled one of Canada’s largest beef plants. It’s unclear how many plants globally have been affected because JBS has yet to release details. The shutdowns upended agricultural markets and raised concerns about food security as hackers increasingly target critical infrastructure. Livestock futures slumped, while pork prices rose.
A notorious Russia-linked hacking group is behind the attack on JBS, according to four people familiar with the campaign who were not authorized to speak publicly on the matter. The cybergang goes by the name REvil or Sodinokibi.
When the pandemic started, drivers faced crowded parking lots, closed rest areas and minimal roadside support. And almost a year and a half later they still face the fear of not finding a place to park, which means having no place to rest. In this episode, host Michael Freeze seeks answers from those on the forefront of research and legislative action. Hear a snippet above, and get the full program by going to RoadSigns.TTNews.com.
While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cybercrime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a dark web blog dubbed “Happy Blog” to name and shame victims when they decline to engage in ransom talks. REvil has yet to post a blog item dedicated to JBS.
Russia has no information on the cyberattack but is in diplomatic contact with the U.S. government, according to Kremlin spokesman Dmitry Peskov. Cybercrime issues will be on the agenda at a June 16 summit between Presidents Joe Biden and Vladimir Putin, he said.
The JBS attack comes three weeks after Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, was targeted in a ransomware attack attributed to a group called DarkSide. Experts have said there is some evidence linking the group to Russia. That followed a series of devastating hacks against American government agencies, businesses and health facilities, often blamed on Russia or Russia-based hackers at a fraught time in relations between the countries.
Meanwhile, the JBS attack also is thrusting America’s system of churning out cheap meat back into the spotlight.
The sector is dominated by a handful of titans —Tyson Foods Inc., JBS and Cargill Inc. — which control about two-thirds of America’s beef. Taking down even a few plants can completely disrupt supplies, as seen last year when COVID-19 outbreaks idled plants and sparked meat shortages across the country. The industry is so concentrated that idling the JBS plants meant that the U.S. government on June 1 was prevented from releasing some key meat-pricing data that agricultural markets rely on daily.
“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat-processing capacity,” said U.S. Senator John Thune of South Dakota, the Senate’s second-most powerful Republican.
There have been more than 40 publicly reported ransomware attacks against food companies since May 2020, said Allan Liska, senior security architect at cybersecurity analytics firm Recorded Future.
So far, it’s unclear what the impact on meat prices will be from this latest attack. Retailers don’t always like increasing prices for consumers and may try to resist, according to Michael Nepveux, an economist with the American Farm Bureau Federation.
“How long it goes on will impact to what level consumers start to see something at the grocery stores,” he said.
Livestock producers could see some of the more immediate blow. Chicago cattle futures slumped as much as 3.4% on June 1, before trimming losses. The slaughterhouse closures are exacerbating an existing supply glut of animals.
In Asia, the country most at risk from any prolonged shutdown is China, the world’s biggest beef importer. Beef prices already are near a record, and any lengthy supply disruption could push them up even more and stoke food inflation fears. About 30% of JBS’s export revenue comes from Greater China.
The company also owns Pilgrim’s Pride Corp., the second-biggest U.S. chicken producer. William Callicott, president of the Mid-Atlantic Council of Food Inspection Locals, AFGE, said at least two Pilgrim’s Pride poultry plants in Chattanooga, Tenn., were closed due to the cyberattack.
JBS owns facilities in 20 countries. Its Canada beef facility has resumed production, the company said. Plants in Cactus, Texas, and Grand Island, Neb., were planning to restart at least some operations, according to Facebook posts. In Tasmania, Australia, workers at JBS’s Longford beef processing plant have been told operations will resume June 4, said a spokesman for the Australasian Meat Industry Employees Union in Tasmania.
JBS USA Holdings ranks No. 57 on the Transport Topics Top 100 list of the largest private carriers in North America, and JBS Carriers ranks No. 6 on the list of top agriculture and food processing carriers.
Want more news? Listen to today's daily briefing below or go here for more info: