U disruptive power of ransomware was already on full display last month, thanks to the Colonial Pipeline attack that for days stopped the distribution of fuel from a crucial pipeline on the East Coast of the United States. Now, a different attack over the weekend threatens the food chain – and stresses, once again, that ransomware is an urgent national and international security issue.
JBS SA is the largest meat processing company in the world, with headquarters in Brazil and more than 250,000 employees. throughout the world. In a statement Monday, its U.S. subsidiary, JBS USA, said it “was the target of an organized cybersecurity attack, affecting some of the servers that support its North American and Australian IT systems.” The company added that its system backups are intact. In response to the attack, JBS USA took the impact systems offline, informed law enforcement, and began working with a company to respond to external incidents on the repair. JBS facilities in Australia, the United States and Canada have faced disruptions since the attack was detected on Sunday.
The JBS incident is now raging in the meat industry, causing some plants to be closed, workers to be sent home, and livestock to be returned to farmers after being transported for slaughter. In Australia, the situation has had a remarkable peculiarity impact on local supply chains, although officials say the ramifications could be contained if JBS can restore operations quickly.
“JBS is working closely with law enforcement here and abroad to put in place and hold those responsible accountable,” said Australian Agriculture, Drought and Emergency Management Minister David Littleproud he tweeted on Tuesday.
JBS itself has not even publicly called the incident a ransomware attack, but White House chief press officer Karine Jean-Pierre said in an Air Force One briefing Tuesday that the company alerted the Biden administration to a ransomware attack on Sunday. She added which was perpetrated by a “probably Russia-based criminal organization.”
“The White House engages directly with the Russian government on this matter and conveys the message that the responsible states are not carrying ransomware criminals,” Jean-Pierre he told reporters.
Several U.S. presidential administrations have now fought with how to exercise a significant deterrent against foreign piracy. Ransomware attacks are, in general, financially motivated and perpetrated by criminal hackers, not actors explicitly sponsored by the state. When foreign countries do not prosecute violators or cooperate with international investigations, they land in a geopolitical gray zone.
“Ransomware is a risk to everything from national security to food security to health care delivery – it must absolutely be considered as one of the world’s most pressing security issues,” says Brett Callow, threat analyst. in Emsisoft antivirus which has studied and tracked ransomware for years. “Unless governments develop and quickly implement strategies to effectively combat ransomware, the problems will only get worse.”
Ransomware has been a known and active threat to critical infrastructure, in particular health care, for years now, and the situation remarkably scaled such as the Covid-19 fury pandemic. Recent attempts by the U.S. government to address the problem include joining a public-private task force of December. The task force released a series of recommendations in late April.
Researchers and respondents to the incident point out, however, that there is an urgent need for tangible action. But the step that would be most effective – stopping all payments to ransomware players for having no incentive to continue – is difficult to implement in practice.
“It’s about payment – the second stop being profitable, stop,” says Jake Williams, a former NSA hacker and founder of security firm Rendition Infosec. “You can’t ban payments, which puts commercial operators in faulty positions. What law enforcement needs to do is aggressively analyze cryptocurrency exchanges and utilities like mixers, so hackers can’t. it does not cover its tracks and convert ransom payments into fiat currency ”.