Cyber Crime

JBS attack has likely a Russian origin

White House spokeswoman speculates threat actors behind the JBS ransomware attack have a Russian origin.

The American food processing giant JBS Foods, the world’s largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack.

The cyberattack impacted multiple production plants of the company worldwide, including facilities located in the United States, Australia, and Canada.

JBS USA disclosed the cyberattack, according to a press release published by the company the attack had a severe impact on infrastructure located in Australia and North America.

“On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems. The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation. The company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible.” reads the press release published by the company.

JBS said that it is not aware of any data breach caused by the cyber attack, it added that transactions with customers and suppliers will be delayed.

The White House said Tuesday that the cyberattack was likely originating from a cybercrime organization based in Russia.

White House spokeswoman Karine Jean-Pierre told reporters on Air Force One that the company notified the US government Sunday that it was the victim of a ransomware attack. JBS confirmed that the ransom demand came from a criminal organization likely based in Russia.

Karine Jean-Pierre also said that the United States has contacted Russia’s government about the cyber attack.

“The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day,” Jean-Pierre said. “JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.”

The attack has a significant impact on the JBS’s operations, according to analysts the meatpackers slaughtered 94,000 cattle on Tuesday, down 22% from a week earlier and 18% from a year earlier, according to estimates from the U.S. Department of Agriculture. Pork processors slaughtered 390,000 hogs, down 20% from a week ago and 7% from a year ago.

JBS confirmed it has suspended all affected systems and notified authorities, fortunately, the backup servers were not affected.

“IMPORTANT ANNOUNCEMENT! A-Shift Slaughter and Production areas will NOT be running on Monday May 31st,” read a statement published by JBS Canada on its Facebook page.

According to the experts, the company will take time to completely recover its operations.

Analysis observed that U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers.

The risk is that the U.S. beef prices could rise up following the cyber attack impacting the supplies.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, JSB)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

12 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.