US says ransomware attack on meatpacker JBS likely from Russia

FILE PHOTO: A general view of the JBS USA Worthington pork plant, as the coronavirus disease (COVID-19) outbreak continues, in Worthington, Minnesota, U.S., October 28, 2020. REUTERS/Bing Guan/File Photo

(Reuters)


1 photo

CHICAGO (Reuters) — The White House said on Tuesday that Brazil's JBS SA has informed the U.S. government that a ransomware attack against the company that has disrupted meat production in North America and Australia originated from a criminal organization likely based in Russia.

JBS is the world's largest meatpacker and the incident caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several U.S. states.

The ransomware attack follows one last month on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. Southeast.

White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia's government about the matter and that the FBI is investigating.

"The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day," Jean-Pierre said.

"JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals," Jean-Pierre added.

If the outages continue, consumers could see higher meat prices during summer grilling season in the United States and meat exports could be disrupted at a time of strong demand from China.

JBS said it suspended all affected systems and notified authorities. It said its backup servers were not affected.

"On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems," the company said in a Monday statement.

"Resolution of the incident will take time, which may delay certain transactions with customers and suppliers," the company's statement said.

The company, which has its North American operations headquartered in Greeley, Colorado, controls about 20% of the slaughtering capacity for U.S. cattle and hogs, according to industry estimates.

Two kill and fabrication shifts were canceled at JBS's beef plant in Greeley due to the cyberattack, representatives of the United Food and Commercial Workers International Union Local 7 said in an email. JBS Beef in Cactus, Texas, also said on Facebook it would not run on Tuesday, updating an earlier post that had said the plant would run as normal.

JBS Canada said in a Facebook post that shifts had been canceled at its plant in Brooks, Alberta, on Monday and one shift so far had been canceled on Tuesday.

A representative in Sao Paulo said the company's Brazilian operations were not impacted.

(Reporting by Caroline Stauffer, Tom Polansek, Mark Weinraub in Chicago; Additional reporting by Ana Mano in Sao Paulo Editing by Chizu Nomiyama, Will Dunham and Nick Zieminski)

Photos

Tom Polansek
    Mark Weinraub

      SIGN UP FOR THE KSL.COM NEWSLETTER

      Catch up on the top news and features from KSL.com, sent weekly.
      By subscribing, you acknowledge and agree to KSL.com's Terms of Use and Privacy Policy.

      KSL Weather Forecast