JBS USA

JBS USA and Pilgrim’s were affected by a criminal cyberattack May 30.

JBS USA and Pilgrim’s are fully operational after resolving the May 30 criminal cyberattack. 

The rapid recovery, according to Andre Nogueira, JBS USA chief executive officer, was due to “robust IT systems and encrypted backup servers.”

As a result, JBS USA and Pilgrim’s limited the loss of food produced during the attack to less than one day’s worth of production. 

“Thanks to the dedication of our IT professionals, our operational teams, cybersecurity consultants and the investments we have made in our systems, JBS USA and Pilgrim’s were able to quickly recover from this attack against our business, our team members and the food supply chain,” Nogueira said.

“The criminals were never able to access our core systems, which greatly reduced potential impact. Today, we are fortunate that all of our facilities around the globe are operating at normal capacity, and we are focused on fulfilling our responsibility to produce safe, high-quality food.”

Upon learning of the intrusion, the company contacted federal officials and activated its cybersecurity protocols, including voluntarily shutting down its systems to isolate the intrusion, limit potential infection and preserve core systems. 

In addition, the company’s encrypted backup servers, which were not infected during the attack, allowed for a return to operations sooner than expected. JBS USA and Pilgrim’s prioritized restoring systems critical to production to ensure the food supply chain, producers and consumers were not adversely impacted.

“We would like to thank the White House, the USDA and the FBI for their support in quickly resolving this situation,” Nogueira said.

On June 4, the FBI attributed the JBS attack to REvil, a notorious ransomware gang, and the agency is “working diligently to bring the threat actors to justice.”

“We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable,” the FBI said in a press release.

“Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries. A cyberattack on one is an attack on us all. We encourage any entity that is the victim of a cyberattack to immediately notify the FBI through one of our 56 field offices. The company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation.”

It is unknown if JBS paid a ransom. White House Press Secretary Jen Psaki said President Joe Biden “has launched a rapid strategic review to address the increased threat of ransomware, to include four major lines of effort.”

Psaki said the White House is working closely with the private sector.

“That is something that this administration has done a bit differently than in the past in working to find best practices, ensuring that private sector entities have a seat at the table, and we can work in close coordination.”

It will also build an international coalition to hold countries who harbor ransom actors accountable. 

“I mean, this attack is an example of how this is not just a problem in the United States,” Psaki said. “These are actors who are working to get into systems around the world. This was a company obviously based in Brazil, but Australia was impacted also by this.”

The White House will expand cryptocurrency analysis and review its own ransomware policies. 

Just after the breach, the United Food and Commercial Workers International Union, the union for over 25,000 JBS meatpacking workers nationwide, including JBS Tolleson beef workers in Arizona, said the company needed to work with state and federal leaders to work together to quickly resolve the breach. 

“As the union for JBS meatpacking workers across the country, UFCW is pleased JBS is working around the clock to resolve this and UFCW urging JBS to ensure that all of its meatpacking workers receive their contractually guaranteed pay as these plant shutdowns continue,” said Marc Perrone, the UFCW International president. 

“UFCW is calling on JBS to work with state and federal leaders to help get JBS meatpacking workers back on the job as soon as possible so these essential workers can continue to keep our country’s food supply fully operational and secure as this pandemic continues.”

Based in Greeley, Colorado, JBS USA and Pilgrim’s have 100,000 employees, livestock and poultry producer partners, customers and consumers. 

“JBS USA and Pilgrim’s continue to make significant progress in restoring our IT systems and returning to business as usual,” Nogueira said. 

“Today, the vast majority of our facilities resumed operations as we forecast yesterday, including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the U.S. and Australia.”

The company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised. 

“Given the progress our teams have made to address this situation, we anticipate operating at close to full capacity across our global operations tomorrow,” Nogueira added.