The JBS Canada beef processing facility in Alberta has resumed production after a cyberattack that impacted the company’s operations in North America and Australia.
The JBS Canada facility in Brooks, Alta., employs more than 2,800 people.
Some plant shifts in Canada were cancelled Monday and Tuesday, according to JBS Facebook posts.
The world’s largest meat processing company was the target of an organized cybersecurity attack, affecting some of the servers for its North American and Australian IT systems.
It said its backup servers were not affected and that it was not aware of any evidence that any customer, supplier or employee data had been compromised.
The company said Tuesday it was making progress in resuming plant operations in the U.S. and Australia. It said several of its pork, poultry and prepared foods plants were operational as well as the Canadian facility.
JBS notified the Australian government the ransom demand associated with the attack came from the ransomware gang REvil, which is believed to operate in Russia, according to a person familiar with the situation who is not authorized to discuss it publicly.
The attack was the second in a month on critical U.S. infrastructure. Earlier in May, hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid nearly $5 million US to the hackers.
JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.
The JBS plant closures reflect the reality that modern meat processing is heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process; orders, billing, shipping and other functions are all electronic.
It’s not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.
In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.
Following the incident involving Colonial, Canadian pipeline companies TC Energy and Enbridge said they regularly take precautions, including technology and training to protect their operations from cyberattacks.
Cybersecurity experts say a common way for hackers to penetrate security is to trick employees through emails or texts that allow disruptive software into corporate systems.
A Proofpoint survey of 1,400 chief information security officers from 14 countries, found that email fraud was identified as the top cybersecurity problem for the Canadian CISOs.
Other problems cited by the Canadian respondents to the first-quarter survey was the use of unauthorized devices or software, as well as weak passwords.