Meat Supplier Cyberattack Has ‘Strong Parallels’ to Colonial Pipeline

JBS USA, part of the world’s largest meat supplier, was hit by a cyberattack on Sunday. The attack once again highlights the vulnerability of global supply chains.

JBS USA, part of JBS Foods, says it was the target of an organized cybersecurity attack. It affected some of the servers supporting its North American and Australian IT systems.

The company says it took immediate action, suspending all affected systems. It also notified authorities. Furthermore, it activated its global network of IT professionals and third-party experts to resolve the situation.

The attack didn’t affect the company’s backup servers.

According to CNN, White House Principal Deputy Press Secretary Karine Jean-Pierre told reporters JBS was a victim of a ransomware attack “from a criminal organization likely based in Russia.” In addition, she said the White House is directly dealing with the Russian government on the meat supplier cyberattack.

The cybercriminals didn’t compromise or misuse any customer, supplier or employee data during the attack.

“Resolution of the incident will take time, which may delay certain transactions with customers and suppliers,” the company said.

Colonial Pipeline Similarities

Christoph Hebeisen is Lookout‘s director of security intelligence research. He said the impact of the attack has “strong parallels” to the Colonial Pipeline attack.

An attack hits a critical industry and shuts down production, he said. That leads to financial losses and potentially shortages affecting large populations.

“Forcing a production shutdown may or may not have been part of the intention of the attackers,” Hebeisen said. “However, the impact of this compromise makes it clear that strong protections for IT infrastructure are becoming a business critical imperative for all industries. [That includes] those whose core business does not have an immediately obvious data component.”

John McClurg is senior vice president and CISO at BlackBerry. He said this latest attack underscores the ongoing cyber risk to organizations critical to the “normal functioning of our society.”

BlackBerry’s John McClurg

“It doesn’t matter whether its logistics, fuel or food — these critical supply chains present unique and complex challenges from a cybersecurity perspective,” he said. “Organizations worldwide should ensure the use of intelligent cybersecurity solutions that can prevent, detect and respond to these attacks, now and in the future.”

No Need for Panic

Vectra’s Oliver Tavakoli

Oliver Tavakoli is Vectra‘s CTO. He said ransomware attacks “make clear our reliance on supply chains” susceptible to small-scale and short-term disruptions.

“While such attacks clearly will be a big deal for the victim organizations – and we can lament the fact that we live in a world where such things seem to be everyday events — a single supplier of meat going offline for a few days should not create a panic,” he said. “The practical result of such attacks is that we need to balance the desire to have lean (and highly profitable) supply chain with the need to have a resilient one.”