Cyberattack on meat giant JBS has industry looking to fortify defenses

Livestock industry leaders are looking for ways to prevent cyberattacks. (Photo by Ahlea Forster, CC BY-SA)

A ransomware attack on the world’s largest meatpacking company this week drew attention to the need for more cybersecurity in agriculture.

JBS plants across the U.S. had moved toward reopening at full capacity late Wednesday after a cyberattack on servers. The White House said a Russian crime organization is likely to blame. 

President Joe Biden has been preparing for talks with Russia, which has been accused of interfering with U.S. elections and with the operation of the Colonial Pipeline

When a reporter asked President Joe Biden on Wednesday if he would retaliate against Russian leader Vladimir Putin for the latest ransomware attack, Biden said, “We’re looking closely at that issue.”

Asked if Putin was testing him, Biden said, “No.”

Some feared that the hacking at JBS would mean a return to even higher prices at meat markets, and maybe shortages. There were no reports of that happening as of Wednesday, however.

The incident had more than meatpacking plant operators nervous. Hog producers were, too.

Pat McGonegle, CEO of the Iowa Pork Producers Association, whose state is the nation’s top supplier of hogs, said the JBS incident showed that an industry already consumed with guarding against biological attacks that could disrupt the food supply now needs to ramp up its work on preventing cybercrimes.

“I think this particular incident will accelerate and heighten the preparedness that we take as an industry,” McGonegle said.

While he said he doesn’t know of cybercrimes at individual livestock confinement operations in Iowa, many feature climate controls and other systems that are connected online, McGonegle said. That means risk.

“I think this incident with JBS will cause some of the organizations to take a stronger look at the programming that we have in this area and then have discussions with USDA,” the U.S. Department of Agriculture, he added.

A spokeswoman for the North American Meat Institute, representing meatpackers, did not return an email seeking comment. 

In a statement Tuesday, the U.S. Department of Agriculture said, “USDA will continue to encourage food and agriculture companies with operations in the United States to take necessary steps to protect their (information technology) and supply chain infrastructure so that it is more durable, distributed and better able to withstand modern challenges, including cybersecurity threats and disruptions.”

Fortune reported that the attack on JBS forced the company to shut down computers across North America and Australia. Fortune noted that the industry is still battling back from workforce issues related to COVID-19.

The trouble started on Sunday for JBS. By Wednesday, the company hoped to resume most of its slaughter operations at beef, pork and poultry plants. 

On Tuesday, Karine Jean-Pierre, principal deputy White House press secretary said the FBI is investigating the attack on JBS. 

“Combating ransomware is a priority for the administration. President Biden has already launched a rapid strategic review to address the increased threat of ransomware to include four lines of effort: one, distribution of ransomware infrastructure and actors working closely with the private sector; two, building an international coalition to hold countries who harbor ransom actors accountable; expanding cryptocurrency analysis to find and pursue criminal transaction; and reviewing the (federal government’s) ransomware policies,” Jean-Pierre said. 

We call on organizations across government and the private sector to take the threat of ransomware seriously and modernize their cyberdefenses …” she added. 

In March, IEEE Spectrum reported that having so much equipment connected to the internet could bring added cybersecurity threats to industries that need technologies to feed 8.5 billion people by 2030. Of those people, 840 million are expected to be facing acute hunger. 

Before the JBS cyberattack, Xing Yang of Nanjing Agricultural University in China told IEEE Spectrum smart agriculture has been studied extensively, but “the security issues (involving) smart agriculture have not.” IEEE is the Institute of Electrical and Electronics Engineers, a professional association.

Some of the ag systems make them vulnerable to attacks beyond more conventional cybercrimes, the researcher added. Feeding systems, climate sensors and data technologies could be interrupted.