Meat giant JBS now fully operational after ransomware attack

JBS, the world's largest beef producer, has confirmed that all its global facilities are fully operational and operate at normal capacity after the REvil ransomware attack that hit its systems last weekend.

On May 31, JBS was also forced to shut down production after REvil ransomware operators breached and encrypted some of its North American and Australian IT system.

The FBI confirmed the REvil ransomware operation is behind the JBS ransomware attack on Wednesday.

The attack on JBS follows another major ransomware incident that forced Colonial Pipeline to shut down the largest US pipeline and pay a $5 million ransom.

JBS is the world's largest beef and poultry producer and the second-largest global pork producer, with facilities and operations in the United States, Australia, Canada, and the United Kingdom.

It has over 245,000 employees worldwide and an extensive portfolio of brands sold to customers from roughly 190 countries on six continents.

Back in business sooner than expected

JBS was able to get its systems back online sooner than expected since its backup servers were not impacted during the incident, and the restoration of systems critical to production was prioritized to reduce the impact on the food supply chain, producers, and consumers.

It also received strong support from the US, Australian and Canadian governments, with the FBI and CISA offering their technical support to JBS in recovering from the ransomware attack.

"The company's swift response, robust IT systems and encrypted backup servers allowed for a rapid recovery," JBS USA said in a press release on Thursday.

"As a result, JBS USA and Pilgrim's were able to limit the loss of food produced during the attack to less than one days' worth of production."

According to JBS USA CEO Andre Nogueira, the REvil operators haven't been able to gain access to the company's core systems, which significantly reduced their attack's impact.

In a previous statement issued on Wednesday, JBS stated that it had not found evidence of customer, supplier, or employee data compromised during the breach.

All eyes on ransomware

After the JBS REvil ransomware attack, the White House has also urged business leaders and corporate executives to take ransomware attacks seriously.

Press Secretary Jen Psaki said in a press briefing that President Biden would discuss the recent attacks with Russian President Vladimir Putin at the June 16 Geneva summit, given that all of the ransomware gangs behind these incidents (including REvil) are believed to be operated out of Russia.

"It will be a topic of discussion in direct, one-on-one discussions — or direct discussions with President Putin and President Biden happening in just a couple of weeks," Psaki said.

Reuters also reported on Thursday that the US government would give ransomware attacks a similar priority to terrorism due to their capability to disrupt critical services and the substantial financial impact on US interests.