JBS Green Bay production resumes after cybersecurity attack
GREEN BAY, Wis. (WBAY) - JBS USA officials have confirmed the company was the target of an organized cybersecurity attack.
The confirmation was made in a company-issued statement late Monday afternoon.
According to the meat producing company, the attack, which they became aware of on Sunday, affected some of the servers which support its North American and Australian IT systems.
While company officials began suspending all affected systems and activated a network of IT professionals and experts to help resolve the situation, the company states it is currently working with an Incident Response firm to restore its systems.
A United Food and commercial Workers International Union official told ABC News early Tuesday evening that all JBS beef plants are shut down due to the attack, including the shutdown of the JBS facility in Green Bay.
Late Tuesday afternoon, the company announced there would be a four hour delay for production on Wednesday, June 2. Fabrication started at 10 a.m., while harvesting started at 10:15 a.m. Officials with JBS had announced late Monday night that there would be no production on Tuesday, June 1.
James Lee, Chief Operating Officer for Identity Theft Resource Center, said well-organized criminal enterprises are set up like a business.
“One group will actually find a flaw in the company, another group will exploit the flaw, the third group will actually conduct the attack and the fourth group actually collects the payment. So, it runs just like a legitimate business would run, except it’s an illegitimate business,” said Lee.
Lee said that’s what makes it so hard to fight. These criminals find companies who are either vulnerable, have a lot of money, or have more to lose than gain by putting up a fight.
“In this case, we’ve kind of got all three. JBS is one of the largest meat processing companies in the world. This particular attack is affecting people in Australia, as well as North America, as well as Green Bay,” said Lee.
The company did not say what kind of cyber attack happened but said a resolution will take time to reach, and may delay some transactions with customers and suppliers.
“And that’s part of that pressure game that these cybercriminals use,” said Lee. “They know a company has tremendous interest in keeping their operations running. That’s what they’re counting on when they do these kinds of attacks. We don’t know for sure if this is a ransomware attack, but it has all the hallmarks of being one.”
As of this time, the company says it isn’t aware of any customer, supplier, or employee data that was compromised or misused due to the situation.
So how do companies protect themselves? Lee said companies should make sure their software is patched up and that they keep good backups to restore hacked systems. JBS said its backup servers were not impacted by the attack, which Lee said is helpful. He said companies should also make sure its employees know how to spot a phishing email or text message.
“So they don’t click on something that could wind up corrupting your entire network,” said Lee.
Along with these guidelines, Lee said companies would also benefit from the creation of a ‘Security Breach Law’, which is something that is already being discussed in Washington.
“We don’t have a law that says when there is a cyber attack and how the company has been impacted, there’s no requirement that that’d be reported,” said Lee. “What that does is it keeps all of us... from learning from these attacks so we can better prepare ourselves and better protect ourselves.”
JBS produces beef, pork and poultry, and is headquartered in Greeley, Colorado. The company’s website says it has 84 locations in the United States and Australia, as well as nearly two dozen sites in the United Kingdom. The company also has locations in Mexico, Canada, and New Zealand, as well as other locations throughout Europe.
The company’s full statement can be found below.
“On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems. The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation. The company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible. The company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation. Resolution of the incident will take time, which may delay certain transactions with customers and suppliers.”
Action 2 News has reached out to JBS for more information regarding this situation, and will update this story as more details become available.
Copyright 2021 WBAY. All rights reserved.