JBS Canada beef processing plant in Brooks resumes production after cyberattack

The world's largest meat supplier, Brazil-based JBS, is back online Wednesday after making what it calls significant progress against a ransomware attack. It was forced to cease cattle slaughtering operations at 13 of its U.S. meat processing plants. The company said the attack came from a criminal organization likely based in Russia.

The JBS Canada beef processing plant in southern Alberta has resumed production after a cyberattack impacted the company’s operations in North America and Australia.

The JBS Canada facility in Brooks, Alta., employs more than 2,800 people.

Some plant shifts in Canada were cancelled Monday and Tuesday, according to JBS Facebook posts.

Read more:
COVID-19 in Brooks — How widespread testing, cultural support helped an Alberta city avert disaster

The world’s largest meat processing company was the target of an organized cybersecurity attack, affecting some of the servers for its North American and Australian IT systems.

It said its backup servers were not affected and that it was not aware of any evidence that any customer, supplier or employee data had been compromised.

The company said Tuesday it was making progress in resuming plant operations in the U.S. and Australia. It said several of its pork, poultry and prepared foods plants were operational as well as the Canadian facility.

The company said it received strong support from the U.S., Australian and Canadian governments, conducting daily calls with officials in an effort to safeguard the food supply.

“I want to personally thank the White House, the U.S. Federal Bureau of Investigation, the U.S. Department of Agriculture, and the Australian and Canadian governments for their assistance over the last two days,” JBS USA CEO Andre Nogueira said in a statement.

JBS notified the Australian government the ransom demand came from the ransomware gang REvil, which is believed to operate in Russia, according to a person familiar with the situation who is not authorized to discuss it publicly.

Read more:
Ransomware attack on world’s largest meat producer disrupts global production

The attack was the second in a month on critical U.S. infrastructure. Earlier in May, hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week.

The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid nearly US$5 million to the hackers.

JBS is the second-largest producer of beef, pork and chicken in the U.S.

If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.

The JBS plant closures reflect the reality that modern meat processing is heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process; orders, billing, shipping and other functions are all electronic.

Read more:
Ransomware demands double amid COVID-19, with health care industry a key target: report

It’s not the first time a ransomware attack has targeted a food company. Ransomware is a type of cyber-attack that infects your device, holding your information hostage until you pay a fee.

Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.

Following the incident involving Colonial, Canadian pipeline companies TC Energy and Enbridge said they regularly take precautions, including technology and training to protect their operations from cyberattacks.

Cybersecurity experts say a common way for hackers to penetrate security is to trick employees through emails or texts that allow disruptive software into corporate systems.

A Proofpoint survey of 1,400 chief information security officers from 14 countries, found that email fraud was identified as the top cybersecurity problem for the Canadian CISOs.

Other problems cited by the Canadian respondents to the first-quarter survey was the use of unauthorized devices or software, as well as weak passwords.

— With files from Rod Mcguirk And Dee-ann Durbin, The Associated Press

© 2021 The Canadian Press

You May Also Like

Top Stories