JBS, the world’s largest meat supplier, said it has resumed the "vast majority" of its production plants after a cyberattack crippled production in many of its U.S.- and Australian-based facilities earlier this week – an relatively sunny forecast that came even as the White House vowed to address a recent surge in Russian-linked ransomware attacks during a sit-down meeting with Vladimir Putin later this month.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” Andre Nogueira, CEO of JBS USA, said in a statement Tuesday. “We have cybersecurity plans in place to address these types of issues and we are successfully executing those plans.”
The company said JBS and Pilgrim’s were able to ship meat from nearly all of its facilities that day.
In the statement, JBS said the attack did not affect its backup servers, and is not aware of any evidence that supplier or employee data was comrpimised or misused in the breach.
A spokesperson for the FBI attributed the hack to REvil, a Russian-linked ransomware operation.
"We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice," the FBI said in a statement, adding: "A cyber attack on one is an attack on us all."
Still, the breach is the third such ransomware attack launched by Russian-based criminals this year alone. Such attacks have ratcheted up in recent weeks, White House press secretary Jen Psaki said Wednesday – prompting concern about the vulnerabilities of U.S. critical infrastructure, and whether private companies are indeed prepared to defend themselves from this type of attack.
Asked during Wednesday’s press briefing how the Biden administration might respond to the recent spike in Russian-linked ransomware attacks, Psaki said the United States is “not taking any options off the table.”
"President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks," she told reporters.
In addition, Psaki confirmed that President Biden plans to address the Kremlin’s role in harboring Russian hackers during his sit-down with Vladimir Putin later in Geneva later this month.
“There will be an opportunity for the president to discuss this directly with President Putin, to reiterate the fact that we believe that responsible states do not harbor ransomware criminals,” she said of the sit-down. In the meantime, she said, “We will continue to be in touch with Moscow. We will continue to make the case that responsible countries need to take decisive action against ransomware networks.”
MORE ON THE BREACH:
JBS first learned of the cyberattack on Sunday, it said, at which point it "immediately" took all affected systems offline, notified authorities, and activated a team of IT professionals and third-party experts to resolve the situation.
White House officials said Tuesday that the attack was likely an extortion attempt waged by Russian cyber criminals. According to the Washington Post, President Biden was briefed on the ransomware attack on Monday – at which point he directed his administration to "monitor the issue closely and to assess any impact on supply or prices."
Speaking Tuesday to reporters aboard Air Force One, White House spokeswoman Karine Jean-Pierre said the U.S. is "engaging directly" with Russia on the matter.
“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,” Jean-Pierre said.
Still, the JBS hack comes as the latest in a string of high-profile cyberattacks targeting U.S. criitical infrastructure -- a sign that foreign threat actors, largely based in Moscow, are growing even more brazen in their efforts.
Last month, Russian-based hackers targeted Colonial Pipeline in a sprawling ransomware attack, which imperiled U.S. oil production and touched off a wave of gas shortages across the country. Ultimately, Colonial acknowledged it paid hackers $4.4 million to unlock its systems and data, though this does not currently appear to be the case with JBS.
That attack prompted a stern warning from Biden, who last month urged Moscow to take “decisive action” against ransomware groups operating in the country. “They have some responsibility to deal with this,” he said.
Both White House and the FDA have been in touch with JBS several times this week in regards to the attack, officials said, and have reached out to several major meat processors to alert them of the situation.
Meanwhille, the FBI has launched an investigation into the JBS hack, and CISA – the Department of Homeland Security's cybersecurity arm – has offered its technical support to JBS.
It is unclear what role these recent spate of attacks will play in President Biden’s first sit-down with Russian President Vladimir Putin, slated for June 16 in Geneva.
“We do not regard…this meeting with the Russian president as a reward,” Jean-Pierre told reporters Tuesday, after being asked whether the JBS hack would affect the Biden-Putin meeting.“We regard it as a vital part of defending America’s interests. President Biden is meeting with Vladimir Putin because of our countries’ differences, not in spite of them.”
JBS owns facilities in 20 countries, including 84 in the United States, and is the country's second-largest producer of beef, pork and chicken.
If its production plants were to shut down for even a day, Michigan State University agriculture professor Trey Malone told The Associated Press, the U.S. would lose almost a quarter of its beef production capacity -- or the equivalent of 20,000 beef cows.