Russia-based actors are believed to have launched the attack on the world’s biggest beef producer. The White House has blamed Russian threat actors for the ransomware attack on JBS.
While in the initial announcement the company confirmed that some of its systems were affected by a cuber attack on Sunday, the company did not call it a ransomware attack. Additionally, it didn’t reveal the exact cause of the incident, but only hinted that a ransomware group had encrypted the company’s servers: “the company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible.”
However, today, according to White House Principal Deputy Press Secretary Karine Jean-Pierre, the attackers demanded a ransom from the Brazil-based JBS S.A. meat processor.
The company is working with the White House and the Department of Agriculture to resolve the situation:
“Meat producer JBS notified us on Sunday that they are the victims of a ransomware attack. The White House has offered assistance to JBS, and our team and the Department of Agriculture have spoken to their leadership several times in the last day,” Jean-Pierre said.
JBS notified the administration about the ransom demand and said it likely came from Russia:
“JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia,” Jean-Pierre said.
The White House is in contact with the Russian government over the incident, which the FBI is investigating, a White House spokeswoman said on Thursday.
“The FBI is investigating the incident and CISA is coordinating with the FBI to offer technical support to the company in recovering from the ransomware attack,” the spokeswoman added.
The USDA has reached out to various meat processors in the US to ensure they are aware of any impacts from the situation.
JBS is a global food company that produces beef and pork in the United States, Australia, Canada, and the United Kingdom.