Exploit: Ransomware
JBS SA: Meat Processor
International meat supplier JBS SA was hit by a crippling ransomware attack in late May 2021. The world’s largest meat producer, Brazil-based JBS has operations in 15 countries and serves customers worldwide including the US, Australia and Canada. JBS is the No. 1 beef producer in the U.S., accounting for 23% of the nation’s maximum capacity compared to rival Tyson Foods Inc.’s 22% share, according to an investor report by Tyson. JBS accounts for roughly a fifth of pork capacity.
The company said that it was immediately in contact with federal officials and brought in a “top firm” to investigate and remediate the incident. JBS initially stated that the attack only impacted some supplier transactions and no data was stolen, but later admitted that data was exposed. JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries.
Key Takeaway: Industrial production of all sorts from food to computer chips was firmly in cybercriminals sights in 2021 as part of double and triple extortion ransomware operations, and that likely won’t change in 2022