The fallout from the massive international cyberattack on JBS USA, the world’s largest meat producer, might soon be evident in your supermarket’s refrigerator case and at the checkout counters.
The brief production disruptions at the plant in Souderton, Montgomery County, and eight others nationwide from what apparently was a ransomware attack could have at least a minimal impact on meat supplies — especially if compounded by consumer hoarding — industry analyst Mark Jordan said.
The FBI, in a statement Wednesday, said that the attack was the work of the ransomware gang REvil, which has made some of the largest ransomware demands on record.
But for consumers, the effects won’t rival those of the coronavirus-related shutdowns of last spring that lasted three weeks or more.
The timing of the attacks might have blunted the impact, said Jordan, executive director of Leap Market Analytics.
JBS USA posted a statement on its homepage Sunday announcing the attacks. It so happened that the plants in Souderton and elsewhere weren’t operating on Sunday or Monday, the Memorial Day holiday, when barbecues are an American tradition.
“It would have been a bigger hit a week or two ago,” Jordan said. “You’re five days late to the party.”
Wendell Young IV, head of the United Food and Commercial Workers International Union’s Pennsylvania affiliate, which represents the Souderton plant’s employees, said the timing also could have been a disaster for employees had it occurred on a workday.
“These are dangerous places to work,” he said. The plants are strung with millions of miles of wires, and “everything comes in on hooks and goes out in boxes.”
The Souderton plant will be in full operation Thursday, he said, and according to JBS, so will all the other facilities. The plants with disruptions lost one to two days of work.
Some of the 1,500 employees, including maintenance workers, returned to the Souderton plant on Wednesday, Young said. “We have limited operations,” he added. “It’s not like it’s shuttered. They’re processing some ground meat.”
If JBS can get back in full operation by the week’s end, the overall impact should be minimal, Jordan said.
It was not known whether JBS paid a ransom, the Associated Press reported, adding that the company had not discussed it in public statements, and did not respond to phone and email messages Wednesday seeking comment.
JBS is a mammoth enterprise, with headquarters in Brazil. It employs about 250,000 worldwide, with annual revenues estimated at more than $50 billion, and supplies a good 20% of the beef and chicken sold in the United States, Jordan said.
Young said that the hoarding potential might be a bigger threat than the actual production stoppages. He noted that when meat plants were shut down across the country in April 2020 because of the coronavirus, the resultant supply crises were short-lived and were driven primarily by hoarding.
And, evidently, JBS was the only meat producer targeted.
“So far, this seems to be one packer,” Jordan said, but added, “It’s a big one.”
In a statement, the international union, which represents JBS employees across the country, called on the company and public officials to “help get JBS meatpacking workers back on the job as soon as possible.”
In its posting Sunday, the company said it “took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation. The company’s backup servers were not affected.”
Allan Liska, with Recorded Future, a cybersecurity firm, said more than 40 ransomware attacks have targeted food companies since spring 2018.
“The food industry has lagged other sectors in improving cybersecurity, despite the fact that food production is listed as one of 13 critical infrastructures,” he said.
White House Press Secretary Jen Psaki said Wednesday that the Biden administration was considering all options in dealing with the JBS attack.
“I can assure you that we are raising this through the highest levels of the U.S. government,” she said.
Psaki added that the attack “is also a reminder to the private sector about the need and importance of hardening their own cybersecurity protections.”
This article contains information from the Associated Press.