Cybercriminal activities are everywhere. From gas pipelines, health care services to food processing organizations, threat actors have been exploiting every sector to their advantage. The recent victim to join the bandwagon of high-profile cyberattacks is JBS, one of the largest meat processing giants globally. In an official notice, JBS admitted that it recently sustained an organized cyberattack that affected some of its IT systems in North American and Australian units.
Upon discovering the attack, JBS immediately suspended all its operations and suspended the affected systems. While there is no sign of misuse of any customer, supplier, or employee data yet, the company stated that the incident may delay certain transactions with customers and suppliers in Canada and Australia.
JBS also notified the federal authorities and engaged a third-party security firm to investigate the incident. The suspension of meatpacking activities could affect consumers and suppliers in multiple countries including the U.S. and also result in meat price hikes.
Are Russian hackers involved?
Cybersecurity experts opined that threat actors linked to Russia are likely behind this incident. White House spokeswoman Karine Jean-Pierre said they’ve contacted Russia’s government about the matter and the FBI is investigating the same.
“The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day. JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,” Jean-Pierre said.
What Experts Say…
Commenting on the incident, Rob Cheng, founder and CEO of cybersecurity firm PC Matic, said, “The ransomware attack on meat producer JBS USA, which appears to have originated from Russia according to White House officials, is the latest reminder that companies need to make changes to their cybersecurity strategy if they want to avoid dire setbacks to their business.
It may sound painfully obvious but the key to stopping ransomware attacks is prevention. That doesn’t mean just deploying an antivirus solution and calling it a day. It’s fine to have an AV solution to detect threats but relying only on antiquated blacklisting technologies means playing a never-ending game of catchup that you simply can’t win. Organizations need to add a more preventative layer to their cybersecurity strategy such as whitelisting technology. Because whitelisting only allows safe applications and files to run, it is the only proven preventative measure against polymorphic malware that is running rampant across hospitals, utility companies, government agencies, K-12 institutions, and companies of all sizes.”