Cybercriminals are keeping their sights aimed high as Brazilian-based JBS S.A., the world’s largest meat processor, was attacked with ransomware on May 31, 2021. JBS joins other giants, Wendy’s, Molson Coors, and E & J Gallo Winery as those recently attacked in the food industry. JBS is one of the largest beef importers to the United States and Canada.
The FBI is attributing the attack to Russian-based cybercriminals, REvil. For financial gain, REvil (pronounced R-eevuhl and short for Ransomware Evil) threatens to post stolen information to their “happy blog” for the world to see.
What was Affected in the JBS Ransomware Attack?
The exact attack details were not made public but here’s what we do know. REvil attacked servers that supported JBS’s North American operations, while JBS reported that its backup servers were not affected. The cyberattack led to the preventative shutting down of 84 facilities in the U.S., Canada and Australia.
“The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation,” JBS USA said in a company-issued statement.
Ransomware Defense Begins with Email Security
REvil also reportedly used a tactic called “triple extortion” in its breach of the JBS servers, although customer and third parties have not been publicly identified.
- Traditional ransomware breaches a network, then encrypts sensitive data so it is no longer accessible to the data owners. Attackers demand ransom in exchange for the decryption key.
- Double extortion takes on the look of a traditional ransomware attack, but in this case, sensitive data is threatened to be released to the public in exchange for a ransom payment.
- Triple extortion uses the same tactics as traditional and double extortion, but it expands its extortion threat to customers, partners and third parties.
Once addressed, the attack seemed to cause minimal disruption, as meat has a 14-day window to move through the market. Since the plants were closed for about a day or two, the company can make up for lost time with extra shifts. The FBI has reached out to other major meat processors asking them to make up for missed production.
JBS has not disclosed whether it has paid the hackers.
How Mailprotector Can Help Your Users Prevent Cyberattacks
JBS followed some IT industry best practices, particularly by having off-network backup servers. Solid email security also plays an enormous role in preventing ransomware attacks. Particularly when you deploy an easy-to-adopt encrypted email policy. We have compiled 5 recommendations to help you keep your users safe.
Read More: How to Prevent Ransomware Attacks