An overview of the JBS Foods cyberattack

Last week, global protein company JBS Foods was the target of an organized cyberattack, which affected some of the servers supporting its Australian and North American IT systems, and global production plants. Here’s a timeline of events, including the disruption and return-to-normal for JBS Canada’s Brooks plant, and the response from the Government of Alberta.

A timeline on the cyberattack

May 30

An organized cyberattack targets JBS Foods, affecting facilities in Australia and North America.

May 31

Some shifts are canceled for the JBS Canada beef processing plant in Brooks, Alberta, which employs more than 2,800 people.

June 1

The United States Department of Agriculture (USDA) makes a statement that it is aware of the ransomware attack against JBS, and that it is working closely with the White House, Department of Homeland Security, and JBS USA. In an effort to mitigate against potential supply or price issues, USDA says it ensured major meat processors in the U.S. were aware of the situation, and “encouraged them to accommodate additional capacity where possible.”

June 2

JBS Canada beef processing plant in Alberta resumes full production.

June 3

JBS USA and Pilgrim’s announces the cyberattack was resolved on May 30, and its global facilities are back to being fully operational, highlighting its own “swift response, robust IT systems and encrypted backup servers.” The company says any lost production will be fully recovered by the end of the following week.

“Thanks to the dedication of our IT professionals, our operational teams, cybersecurity consultants and the investments we have made in our systems, JBS USA and Pilgrim’s were able to quickly recover from this attack against our business, our team members and the food supply chain,” said Andre Nogueira, JBS USA CEO. “The criminals were never able to access our core systems, which greatly reduced potential impact. Today, we are fortunate that all of our facilities around the globe are operating at normal capacity, and we are focused on fulfilling our responsibility to produce safe, high-quality food.” 

June 9

JBS USA confirms it paid US$11 million in ransom in response to the ransomware attack.

“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

Preliminary investigation results, according to JBS USA, confirm that no company, customer, or employee data was compromised. As of June 9, third-party investigations are still ongoing.

June 10

Alberta Minister of Agriculture and Forestry Devin Dreeshen posts to social media (Facebook, Twitter) about the cyberattack, including a letter to Federal Minister of Agriculture and Agri-Food Marie-Claude Bibeau requesting a briefing on the risks of electronic crime at the next meeting of Ministers of Agriculture.

“I suggest that this be followed by a discussion of steps that should be taken to ensure that our food supply chains, and the economic value produced by our food sector are protected.”

Stock photo: Canada Beef Inc.