JBS Is Restoring Its Systems With a Backup, But Vulnerabilities Remain

The weekend cyberattack on one of the biggest meat suppliers in the world was reportedly a ransomware attack, admitted JBS SA to the U.S. government, according to a recent report from TechRadar Pro.

JBS said it made substantial progress in efforts to restore its systems from backups, which were safeguarded from the cyberattacks. But the mass shutdowns of slaughterhouse operations throughout the U.S., Canada, and Australia represent a near-knockdown blow to aspects of the global supply chain, and exposed critical vulnerabilities in global infrastructure.

JBS cyberattack exposes 'criticality of the supply chain'

As of writing, JBS has yet to announce details about the ransomware attack, but four people involved in the campaign who weren't authorized to speak on behalf of the Sao Paulo-based company told Bloomberg that the cyberattack came from the REvil gang. In the aftermath of the cyberattack, JBS took some of its servers in Australia and North America offline, which interrupted its operations. The global shutdowns reportedly shook agricultural markets, causing Livestock futures to slump.

In reaction to this, the Australian Cyber Security Center launched an investigation into the attack, with the country's Agricultural Minister David Littleproud announcing that the government is attempting to identify and prosecute the hackers. But more generally, the JBS cyberattack brings into focus concerns about the safety of critical infrastructure. This is the second cyberattack targeted at major infrastructure in less than a month, coming weeks after a similar attack on Colonial Pipeline — one of the largest gasoline pipelines in the United States.

CTO of a company Armis Nadir Izrael thinks the successive cyberattacks reveal the aging and vulnerable sites of infrastructure, in addition to the way in which attacks can rapidly cascade throughout the supply chain. "These issues have brought to light the criticality of our supply chain, as attackers forced the company to halt services to resolve the issue — creating significant issues for customers and suppliers," said Izrael in the TechRadar Pro report.

Further cyberattacks may precede campaigns to bolster infrastructure

This analysis comes a day after one-fifth of the United States' beef capacity was wiped out by the cyberattack, which supports Izrael's assessment. With 22,500 cattle processed every day in the U.S., this crucial industrial component of the national food supply chain might remain vulnerable to future cyberattacks, without a serious overhaul of digital infrastructure. We still don't know how the slaughterhouse shutdowns will affect grocery store prices, but economic trickle-down from crises is generally proportional to how long the situation continues.

"Attacks like [the one on JBS] highlight the vulnerabilities in our nation's food supply chain security, and they underscore the importance of diversifying the nation's meat processing capacity," said U.S. Senator John Thune of South Dakota, in a Bloomberg report. In light of this, it's possible meat prices won't be affected at all, but if vulnerabilities in gasoline pipelines and beef producers are mirrored in other key infrastructural supply chains, it might not be long until our attention is directed to further potentially exposed economic sectors. Time will tell whether bolstered infrastructural campaigns precede the next cyberattack, or not.