An Overview of the 2021 JBS Meat Supplier Ransomware Attack

Over the last weekend of May 2021, the world's largest meat supplier became a victim of a malicious cyber attack. 

But it wasn’t just any attack;  JBS Foods Group was hit with ransomware— a form of malware that is freezing its operating systems across the U.S. and threatening America’s meat supply at large.

We’re taking a look at what happened, how it’s affecting JBS and meat consumers across the globe and how organizations like yours can prevent ransomware threats like this:


What Happened?

On Sunday, May 30th, the world's largest meat supplier— JBS Foods Group— was forced to halt operations in North America and Australia due to a cyber attack.

The meat supplier announced in an email that the culprit was ransomware, a form of malware that locks users out of their database(s) or bars access to pertinent information until the victim pays a ransom.

As a result of this system-freezing attack, JBS was forced to cease operations at 13 of its meat processing plants in the U.S. on Tuesday, June 1, according to CBS.

While the cybercriminals have yet to be identified, there is suspicion that the attack was the work of a Russian-based criminal organization. 


The Implications of the Ransomware Attack

The good news is, JBS claims to have a disaster recovery plan and is making "significant progress" containing the attack, according to The Associated Press.

"We have cybersecurity plans in place to address these types of issues,” JBS USA CEO Andre Nogueira stated, “and we are successfully executing those plans."

The bad news is, it’s unclear how this halt in production will affect America’s meat supply chain— with both beef and chicken processing plants within JBS’s facility chain facing a full shutdown. Depending on how long the ransomware system freeze stays in place, U.S. meat consumers could face supply shortages and a resulting spike in meat prices. 

"Given the progress our IT professionals and plant teams have made in the last 24 hours,” Nogueira said as of Tuesday, “the vast majority of our beef, pork, poultry and prepared foods plants will be operational [on Wednesday]."

Even then, that means JBS Food would have halted meat processing operations at multiple locations for 3-4 full days. While this may not seem drastic, there is no way to quantify the effect this may have on meat supply in the U.S. to come. According to reports by NBC, meat prices have already risen 5% from last year as a result of the coronavirus pandemic. Could this cyber attack lead to even higher prices on beef and poultry— and a pandemic-like scramble for meat packages at the grocer? 

As of Wednesday, it’s unclear how much the ransom demand is or if JBS plans on paying it.


The Growing Threat of Ransomware

This ransomware attack struck just one month after another Russian attack on Colonial Pipeline, which led to gas shortages in multiple states and cost the victim’s nearly $5 million in ransom costs to unlock. 

And that’s not all. Last year was riddled with ransomware attacks— from the 2020 Garmin breach to United Health Services’ system shutdown.

One thing’s for sure: ransomware attacks are in full force, and your company has a responsibility to prepare for this growing threat. 

While not always, ransomware is typically a by-product of a clever social engineering scheme, in which a bad actor uses open-source intelligence to trick employees into disclosing sensitive data— data that gives them the info they need to crack passwords, weave convincing pretexts and sneak around even the best laid technical defenses.

Curious as to how these social engineering attacks typically work? Here are a few ways bad actors are using the COVID-19 pandemic to their advantage as well as some important tips for educating remote employees about cyber threats like these. 


Are You Properly Prepared for a Ransomware Attack?

While many companies assume they are doing all they can to safeguard against cyber threats like ransomware, how can you be sure? With more and more employees working from home, bad actors are targeting corporate security remotely. 

Download our 5 1/2 Easy Steps to Avoid Cyber Threats guide for some actionable recommendations for strengthening your best defenses from the team at Mitnick Security. 

New call-to-action

Topics: cyber security, Password Management, cyber attack

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Bypassing Key Card Access: Shoring Up Your Physical Security

As you build additional layers of defense into your cybersecurity framework, it's important to implement physical security strategies as well.

Read more ›

How to Prioritize Your Pentesting Report’s Remediation Recommendations

If you recently received a penetration test, you’re on the right track to improving your cybersecurity posture. However, you may be wondering what the..

Read more ›

Understanding Post-Inoculation Cybersecurity Attack Vectors

If you’ve recently improved your cybersecurity posture, you should know that the work to protect your company’s data is not over.

Read more ›