Ransomware attacks rolled meat giant JBS, then spread to farmers, restaurants – –

Ransomware attacks rolled meat giant JBS, then spread to farmers, restaurants – –

The culprit, a ransomware attack, didn’t just hit its mark: it rocked the American food industry, from pig farms in Iowa to small town processing plants and New York City restaurants. The hack triggered a domino effect that drove up wholesale meat prices, supported animals in barns, and forced food distributors to hastily seek out new suppliers.

The attack was the latest standoff between cybercriminals and the companies integral to the functioning of the US economy. It was another disruption to the U.S. food industry after last year’s Covid-19 pandemic forced weeks of plant closures, and this year an economic rebound has strained suppliers’ ability to respond to the request.
After identifying the incursion early on Sunday, May 30, JBS said it alerted US authorities and set three goals: determine which operations could be performed offline; restart systems using backup data; and bring in experts to manage negotiations with attackers. That afternoon, the company concluded that the encrypted backups of its data were intact, said Andre Nogueira, CEO of JBS USA Holdings Inc.

The Greeley, Colorado, beef plant of JBS, the world’s largest meat company by sales.

Michael Ciaglo / Bloomberg News

On Remembrance Day, May 31, JBS employees, FBI officials and cybersecurity specialists at JBS US headquarters in Greeley, Colorado, worked to bring the systems back online. They had prioritized JBS’s shipping platform, allowing the company to resume transporting meat to customers.

The farmer

Just before 9 p.m. Monday, Dwight Mogler walked around a cemetery in Lyon County, Iowa, near his family’s farm. He ignored a call as he spoke with his 16-year-old son about the sacrifices of veterans buried there. A follow-up text message from his logistics manager caught his attention.

“Hey, Dwight, JBS has had some sort of cyber attack, and I’m not really sure what’s going on, but I have to put your charges on hold for now,” the post read. Mr Mogler said he briefly wondered whether the US meat industry was under attack from Russia or China.

Mr Mogler called Tuesday morning to find other buyers for the hogs he was due to deliver that day to a JBS plant in Worthington, Minnesota. He ran into a new problem: JBS’s suspended operations had left more pigs in the US market. , lowering prices. He found competing factories in Iowa and Nebraska to take his hogs, but Mogler estimated that falling market prices reduced his sales for the week by about $ 17,000.

“We already have a lot of volatility, that has only amplified that in the market,” said Mr Mogler, who delivered more pigs to the JBS plant in Worthington on schedule later in the year. week.

The senator

Mr. Nogueira had a call Tuesday with Senator Chuck Grassley (R., Iowa). A farmer himself, Mr Grassley criticized the meat packaging industry for being heavily consolidated among a handful of large corporations.

Mr Grassley had met with ranchers who feared the cyber attack could harm their business, he said in an interview. The senator wanted to know how long JBS operations could be suspended and if he could help. They explained how cryptocurrencies like bitcoin made it easier for cybercriminals to launch ransomware attacks and cover their tracks.

Mr. Grassley and Mr. Nogueira understood the ramifications of unexpected slaughterhouse failures. Covid-19 infections among factory workers in the spring of 2020 forced major slaughterhouses to close for weeks, supporting livestock on farms and leading farmers to euthanize tens of thousands of pigs.


Food distributors, who were already struggling to get enough meat when restaurants reopened, rushed to replace beef, pork and chicken orders they had placed through JBS. Some who usually source meat from other suppliers bought more than expected, in the event of a prolonged rise in wholesale prices.

With JBS’s processing operations largely offline on Tuesday, the number of cattle and hogs slaughtered in the United States plummeted, tightening the meat supply and pushing up wholesale beef and pork prices. Prices for bone-in pork butts, used to make barbecue staples like pulled pork, climbed 25% last week to a record $ 2.48 a pound, according to a distributor.

Employees at the JBS production plant in Greeley, Colorado, June 1.

Michael Ciaglo / Bloomberg News

For Billy Joe’s Ribworks, a steakhouse overlooking the Hudson River in New York City, pork butt prices jumped 40 cents a pound last week, owner Joe Bonura said.

Mr Bonura, who said he resisted a ransomware attack at a hotel he owns earlier this year, said rising meat prices were on top of other growing costs he is paying for many. goods and services to reopen the economy. “It’s rubbish and we have to eat it, we can’t keep raising the prices,” he said.


On Tuesday evening, progress in bringing JBS’s systems back online using his backup data made Mr. Nogueira confident enough to issue a statement announcing that the majority of JBS’s factories would be operational on Wednesday, June 2.

The company’s consultants had continued to negotiate with the pirates. Although forensic analyzes by JBS and its specialists showed that no customer, supplier or employee data was compromised, Nogueira said, cybercriminals claimed to have captured some of it.

JBS cybersecurity experts warned attackers may have left a way back. After JBS negotiators and hackers hit $ 11 million, far less than the initial demand, Nogueira said, he decided to pay.

JBS sent the payment as a lump sum in bitcoin, Mr. Nogueira said. Subsequently, he said, the attackers admitted that they had not captured any JBS data. Mr. Nogueira declined to say on which day JBS made the payment. The cost of the attack, he said, would be irrelevant to JBS, which in 2020 generated $ 53 billion in sales worldwide.

Tom Robinson, chief scientist at Elliptic, a UK-based blockchain analytics and compliance firm, said a payment of 301 bitcoins, worth around $ 11 million to the period, was performed shortly after 7 p.m. ET on Tuesday, June 1. on factors such as the date of the transaction and the exchange from which it was made, he believed it was the payment from JBS.

On Thursday, June 3, JBS said all of its factories were fully operational. Mr Nogueira said that by the end of the week, JBS had lost less than a day of production and its customer order fulfillment rate was only 3% below normal, less than the impact the company could see from a severe storm.

After the attack, Nogueira said he received messages of support from other companies that had faced similar incursions. “Criminals will continue to be more sophisticated,” he said. “We have to monitor our investments.

Representative Carolyn Maloney (D., NY), chair of the House Oversight Committee, on June 10 called on JBS to produce documents and communications related to the cyberattack and the ransom payment, as lawmakers consider legislation on ransomware and cybersecurity. A spokesperson for JBS said the company would comply.

Cattle slaughter rebounded later in the week as JBS factories came back online, USDA data shows. The USDA said this week it would invest more than $ 4 billion to strengthen and diversify the food system, including investments in small and medium-sized meat processing facilities. Agriculture Secretary Tom Vilsack said it was important to protect markets and consumers from such disruptions as cyber attacks become more frequent.

“JBS has certainly learned some things from this,” Mr. Vilsack said. “I hope it’s a wake-up call for everyone. “

Cyber ​​attacks and businesses

Write to Jacob Bunge at [email protected] and Jesse Newman at [email protected]

p style= »position: absolute;z-index:-1;top:0;left:-15000px; »>Copyright ©2020 Dow Jones & Company, Inc. Tous droits réservés. 87990cbe856818d5eddac44c7b1cdeb8


Please enter your comment!
Please enter your name here