The good news however is that JBS says it has made significant progress in restoring its systems from backups, which were apparently unaffected.
The attack on the Sao Paulo-based company forced shutdowns at slaughter operations across the US, Canada, and Australia, having severe knock-on effects on its global supply chain.
We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.
While JBS hasn’t officially shared any details about the ransomware attack, four people familiar with the campaign who were not authorized to discuss the matter publicly told Bloomberg that JBS was attacked by the notorious REvil gang.
Critical infrastructure remains critical
Following the attack, JBS was forced to take some of its servers in North America and Australia offline, which adversely disrupted its operations. Reportedly, the global shutdowns rattled the agricultural markets, slumping Livestock futures.
In response it is said that the Australian Cyber Security Center is investigating the attack, and the country’s Agriculture Minister David Littleproud has said the government is working to bring the perpetrators to justice.
The JBS attack once again raises concerns about the sanity of critical infrastructure. Notably, the attack is the second such cyberattack against critical infrastructure in under a month, coming a few weeks after a similar operation against Colonial Pipeline, which operates one of the biggest U.S. gasoline pipelines in the US.
Nadir Izrael, CTO at security company Armis believes these continued attacks show that critical infrastructure around the world is ageing and vulnerable, and how attacks against them can have a cascading impact across the supply chain.
“These issues have brought to light the criticality of our supply chain, as attackers forced the company to halt services to resolve the issue — creating significant issues for customers and suppliers,” Izrael told TechRadar Pro.
He goes on to say that because the systems that power these critical infrastructure weren’t built with cybersecurity in mind, we should brace ourselves for more such attacks in the future.