The hack on Monday forced JBS SA to shut down all of the “fed-beef and regional beef plants” and meatpacking facilities “experienced some level of disruption.”
Sources told Bloomberg News the hacking group REvil (or Sodinokibi) is behind the shutdown of JBS SA, the world’s largest meat producer, plants in the U.S.
JBS SA owns JBS USA and Pilgrim’s Pride Corp.
The cyberattack wiped “out output from facilities that supply almost a quarter of American supplies.” The ransomware REvil used “is a type of malware that locks victims out of their computer networks.”
Four people told Bloomberg REvil are the cyberattackers.
While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a darkweb blog called “Happy Blog” to name victims when they decline to engage in ransom negotiations. REvil has yet to post a blog item dedicated to JBS.
The company said Tuesday it had made “significant progress” to resolve the cyberattack that affected operations this week at its meat plants in North America and Australia, and would have the “vast majority” of its plants operational on Wednesday.
REvil has a history:
- 2019: attacked Louisiana elections clerks before Election Day
- 2020: attacked law firm “they claimed represented some of Donald Trump’s television enterprises.”
- 2021: hacked Quanta Computer, Inc and “published secret blueprints for new Apple Inc. devices.”
The hack on Monday forced JBS SA to shut down all of the “fed-beef and regional beef plants.” The meatpacking facilities in America “experienced some level of disruption to operations.”
The processing facilities in Nebraska, Texas, Utah, and Wisconsin closed down. Those in Iowa and Colorado will not operate on Tuesday.
Experts do not know yet how it will affect meat supplies at grocery stores. JBS produces the most beef in America and “a fifth of pork capacity”:
Pork and chicken facilities including one in Minnesota were also closed by the owner of Pilgrim’s Pride Corp., the second-biggest U.S. chicken producer, said union officials and employees. At least five of the six U.S. pork facilities were cutting back operations Tuesday, according to Facebook posts from those plants.
William Callicott, president of the Mid-Atlantic Council of Food Inspection Locals, AFGE, said at least two Pilgrim’s Pride poultry plants in Chattanooga, Tennessee, were closed due to the cyberattack.
The hack went global:
Slaughter operations across Australia were also down, according to a trade group, and one of Canada’s largest beef plants was idled. That comes after a weekend attack on the Brazilian company’s computer networks, according to JBS posts on Facebook, labor unions and employees.
It’s unclear exactly how many plants globally have been affected by the ransomware attack as Sao Paulo-based JBS has yet to release those details. The prospect of more extensive shutdowns worldwide is already upending agricultural markets and raising concerns about food security as hackers increasingly target critical infrastructure. Livestock futures slumped, while pork prices rose.
Donations tax deductible
to the full extent allowed by law.