Macro Systems Blog
Examining the JBS S.A. Ransomware Attack
Last weekend a significant cyberattack occurred against the world’s largest meat processor and distributor, JBS S.A., that completely shut down the company’s operations in both North America and Australia… and as a result, has affected the supply chains associated with the organization. What lessons can be learned from all this?
What Happened to JBS S.A.?
Over the weekend of May 2021, JBS’ global IT systems were targeted by a ransomware attack that completely suspended the meat processor’s operations in North America and Australia. Seeing as effectively each step of the company’s operations (from livestock procurement all the way to export and shipment) rely on some kind of technology, everything was put on pause.
Luckily, JBS had implemented backups, and have thus been able to restore their systems and are returning to operation. Moreover, there has been no apparent evidence discovered suggesting that any customer, employee, or supplier data was compromised in the attack.
On the other hand, this does not mean that there is nothing more to examine surrounding these events.
First of All, Who’s Responsible, and Who is Involved in Fighting Back?
There has been no indication that any activist groups were involved in the attack. Instead, sophisticated cybercriminals that have been previously associated with Russian cyberattacks have been assigned blame for this attack. Along with the Federal Bureau of Investigation’s interest in the cyberattack, the United States government has been in communication with Russia concerning these efforts.
The Australian Cyber Security Centre has also been providing their assistance, although they would not disclose what the nature of this assistance was, while the organization was also working with both the Australian government and the Australian Federal Police to more assuredly identify the responsible party.
The Impacts of Ransomware and Other Threats
While ransomware is still relatively new in terms of mainstream threats, it has grown from a concerning eccentricity to a global concern in the few years it has been popularized. More than a threat that simply locks down a computer or network, ransomware now involves an element of exfiltration—not only is the target’s data deleted unless a ransom is paid, it is also stolen and sold unless a second ransom demand is also paid up. This form of attack is closely associated with exactly the groups that are suspected of conducting the attack on JBS.
Fortunately, JBS was smart and had protected themselves ahead of time by implementing a backup solution. This is exactly why we always encourage businesses to do just that: the backup serves as your business’ insurance policy should your operations ever be targeted by such an attack. Alas, this isn’t unlikely as many such attacks are spread through automated phishing campaigns and other hands-off means of dispersing malware.
At Macro Systems, we’re committed to helping businesses resist cybersecurity problems of all shapes and sizes, along with helping you manage your IT in the operational sense. Start a conversation with us by calling 703-359-9211 today.
Comments