Ransomware Attack on JBS Foods Exposes Critical Infrastructure Organizations’ Vulnerability Against Modern Threats

essidsolutions

JBS Foods, the world’s largest processed meat supplier, was targeted by a ransomware attack earlier this week. The attack knocked out some of their servers supporting systems in the U.S., Canada and Australia, resulting in temporary shutdown of operations. Though JBS has assured that a majority of their beef, pork, poultry and prepared foods plants will be up and running again on Wednesday, their failure to thwart the cyberattack is yet another testament to the lack of preparedness of large U.S.’ corporations in the face of a fast evolving threat landscape.

A few weeks before the attack on JBS, Colonial Pipeline Company, one of the largest pipeline system providers for refined oil products in the U.S., was hit by a ransomware attack that forced them to shut down 5,500 miles of pipeline.

Attackers Are Going After the U.S. Economy

In a typical ransomware attack, the motivation for attackers is financial gain. They first infiltrate a computer network and threaten to disrupt operations, delete files, or sell them on the Dark Web unless a ransom is paid.

Back to back cyberattacks on two of the largest suppliers of essential goods and services in the U.S. indicates something more nefarious. In both these cases, threat actors have not only targeted two large corporations capable of paying a ransom, but also paralyzed the supply of essential commodities in the country, which may have wider ramifications for the economy.

For instance, the disruption of JBS’ operations is likely to impact meat supply in the U.S. and may even shoot up the prices of meat products. JBS accounts for 23% of meat supply in the US, as per Bloomberg. Similarly, Colonial Pipeline supplies roughly 45% of petrol, diesel and jet fuel consumed on the east coast. According to NASDAQ, oil prices in the US roseOpens a new window after the cyberattack targeting the pipeline company in May.

Disruption of operation for just eighteen hours can cost a company more than half a million dollarsOpens a new window per incident on an average, estimates Mcafee. Cyberattacks have already cost the US and global economy billions of dollars. Global losses due to cybercrimes exceeded $1 trillion in 2020, up by 50% since 2018, the firm said.

“This latest hack comes less than a month after the Colonial Pipeline cyber-attack and further demonstrates how vulnerable major industry infrastructure is to disruption,” says Rashid AliOpens a new window , Enterprise Solutions Manager at Wallix.

“The cyber-attack targeted a U.S. company, but its repercussions are being felt worldwide. It’s clear that cybercriminals are going to continue to target critical infrastructure for maximum impact. So, with sophisticated cyber-attacks increasing by the day, organizations must act fast to safeguard vulnerable infrastructure and valuable data. While implementing a first line of defence is a must, this alone is not enough.

“Organizations need to be prepared and have a comprehensive cyber strategy in place that can secure against remote access, implement zero trust policies and safeguard value data – so that if all else fails, the impact and reach of the hack is limited,” he adds.

Learn More: Cyberattacks on Critical Infrastructure to Worsen in 2021: Here’s How to Protect Your Data

A History of Attacks With Links to Russia and China  

Most of the recent large scale attacks in the US, including the notorious SolarWinds attack are believed to be carried out by threat actors with links to Russia. In the attacks on Colonial Pipeline and JBS, involvement of hacker groups with links to Russia is also suspected.

China is also believed to have stepped up its cyber offensive against the U.S. in retaliation to the ongoing trade war with the U.S. administration. According to KerbsOnSecurity, a Chinese espionage group Hafnium is believed to have exploited vulnerabilities in Microsoft’s Exchange Server software to target thousands of companies.  

Last week, the Biden administration announced a slew of fresh sanctionsOpens a new window on Russia for their alleged involvement in the SolarWinds breach, one of the largest cyberattack campaigns against the U.S. in recent times. Threat actors working at the behest of Russian intelligence agency SVR planted a malicious code in a SolarWinds’ software system Orion and used it to infiltrate into networks of several major organizations including Microsoft and Cisco and government agencies such as Department of Homeland Security, Department of Energy, and National Nuclear Security Administration.

Learn More: Secure the Weak Points in Critical Infrastructure Environments Before It’s Too Late

According to a joint studyOpens a new window by researchers at University of Surrey and HP, state-backed cyberattacks targeting companies in the U.S. have risen in the past three years by 100%. Enterprises (33%) were most targeted, followed by cybersecurity (25%), media (14%), government agencies (12%) and critical infrastructure (10%).

Stuart ReedOpens a new window , the UK Director of Orange Cyberdefense, says that the attack on JBS is yet another example of the surging threat posed by ransomware, and a stark reminder of the devastation that can be caused to the business operations of those affected. With global supermarkets and some of the world’s largest corporations set to bear the brunt of the disruption caused by the incident, we are reminded of the importance of having a swift response strategy in place to minimize damage, not just within the business, but throughout the entire supply chain.

“In today’s volatile cyber landscape, a quick response to an attack is essential. It’s not just about identifying a breach when it occurs. Organizations must also have in place a strong incident response strategy, built on a layered approach of people, process and technology. 

“In doing so, organisations can implement intelligent and agile security measures to ensure minimal damage, not only in technical remediation, but also by ensuring that the incident is reported to the authorities quickly to prevent any potential impact on employees, partners or customers and to limit any reputational, financial and legal fallout.”

Do you think the successful cyber attack targeting JBS Foods indicates that critical infrastructure organizations are far from prepared to defend against modern threats? Let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!