The FBI is probing a ransomware attack against Brazil’s JBS that has disrupted meat production in Australia and North America.
The White House says Brazil’s JBS SA has informed the US government that the attack originated from a criminal organisation likely based in Russia.
JBS is the world’s largest meatpacker and the incident caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several US states.
The ransomware attack follows one last month by a group with alleged ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the US southeast.
White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia’s government about the matter and that the FBI is investigating.
“The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day,” Ms Jean-Pierre said.
“JBS notified the administration that the ransom demand came from a criminal organisation likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” Ms Jean-Pierre added.
JBS is Australia’s largest meat and food processing company, with 47 facilities across the country, including abattoirs, feedlots and meat processing sites, with around 11,000 employees.
Queensland’s meatworkers’ union says up to 4,000 workers might lose out on a week’s worth of wages due to the cyber attack.
Matt Journeaux, from the Australian Meat Industry Employees Union, said it was a “kick in the guts” for workers.
“There is a provision in the Fair Work Act that if the company can’t be reasonably held responsible, they can stand people down so that’s yet to be worked out, but unfortunately JBS are probably in their rights to stand people down without pay for this situation,” Mr Journeaux said.
Agriculture Minister David Littleproud yesterday said the federal government and the Australian Federal Police were working with JBS to resolve the problems and to pursue those responsible.
“Despite the fact that JBS accounts for around 20 per cent of our processing production here in Australia, we’re not expecting there to be significant impacts on exports so long as this isn’t a protracted shutdown,” Mr Littleproud said.
“We’re also working with JBS right here in Australia to make sure that we can get some limited capacity up and going in the next couple of days. JBS have been very proactive in that.”
Australian staff learned of the attack when they were turned away from their workplaces on Monday.
JBS sells beef and pork under the Swift brand, with retailers like Costco carrying its pork loins and tenderloins.
JBS also owns most of chicken processor Pilgrim’s Pride Co, which sells organic chicken under the Just Bare brand.
If the outages continue, consumers could see higher meat prices during summer grilling season in the US and meat exports could be disrupted at a time of strong demand from China.
The disruption to JBS’s operations have already had an impact, analysts said.
US meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to estimates from the US Department of Agriculture.
Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and 7 per cent from a year ago.
JBS said it suspended all affected systems and notified authorities.
It said its backup servers were not affected.
“On Sunday, May 30, JBS USA determined that it was the target of an organised cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems,” the company said in a Monday statement.
“Resolution of the incident will take time, which may delay certain transactions with customers and suppliers,” the company’s statement said.
The company, which has its North American operations headquartered in Greeley, Colorado, controls about 20 per cent of the slaughtering capacity for US cattle and hogs, according to industry estimates.
“The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments,” said threat researcher John Hultquist with security company FireEye.
US beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers.
Any impact on consumers would depend on how long production is down, said Matthew Wiegand, a risk management consultant and commodity broker at FuturesOne in Nebraska.
“If it lingers for multiple days, you see some food service shortages,” Mr Wiegand added.
Two kill and fabrication shifts were cancelled at JBS’s beef plant in Greeley due to the cyberattack, representatives of the United Food and Commercial Workers International Union Local 7 said in an email.
JBS Beef in Cactus, Texas, also said on Facebook it would not run on Tuesday.
JBS Canada said in a Facebook post that shifts had been cancelled at its plant in Brooks, Alberta, on Monday and one shift so far had been cancelled on Tuesday.
A representative in Sao Paulo said the company’s Brazilian operations were not impacted.