(Adds drop in slaughtered cattle and hogs; background on
CHICAGO/ABOARD AIR FORCE ONE, June 1 (Reuters) - The White
House said on Tuesday that Brazil's JBS SA has
informed the U.S. government that a ransomware attack against
the company that has disrupted meat production in North America
and Australia originated from a criminal organization likely
based in Russia.
JBS is the world's largest meatpacker and the incident
caused its Australian operations to shut down on Monday and has
stopped livestock slaughter at its plants in several U.S.
The ransomware attack follows one last month by a group with
ties to Russia on Colonial Pipeline, the largest fuel pipeline
in the United States, that crippled fuel delivery for several
days in the U.S. Southeast.
White House spokeswoman Karine Jean-Pierre said the United
States has contacted Russia's government about the matter and
that the FBI is investigating.
"The White House has offered assistance to JBS and our team
at the Department of Agriculture have spoken to their leadership
several times in the last day," Jean-Pierre said.
"JBS notified the administration that the ransom demand came
from a criminal organization likely based in Russia. The White
House is engaging directly with the Russian government on this
matter and delivering the message that responsible states do not
harbor ransomware criminals," Jean-Pierre added.
JBS sells beef and pork under the Swift brand, with
retailers like Costco carrying its pork loins and tenderloins.
JBS also owns most of chicken processor Pilgrim's Pride Co
, which sells organic chicken under the Just Bare brand.
If the outages continue, consumers could see higher meat
prices during summer grilling season in the United States and
meat exports could be disrupted at a time of strong demand from
The disruption to JBS's operations have already had an
impact, analysts said. U.S. meatpackers slaughtered 94,000
cattle on Tuesday, down 22% from a week earlier and 18% from a
year earlier, according to estimates from the U.S. Department of
Agriculture. Pork processors slaughtered 390,000 hogs, down 20%
from a week ago and 7% from a year ago.
JBS said it suspended all affected systems and notified
authorities. It said its backup servers were not affected.
"On Sunday, May 30, JBS USA determined that it was the
target of an organised cybersecurity attack, affecting some of
the servers supporting its North American and Australian IT
systems," the company said in a Monday statement.
"Resolution of the incident will take time, which may delay
certain transactions with customers and suppliers," the
company's statement said.
The company, which has its North American operations
headquartered in Greeley, Colorado, controls about 20% of the
slaughtering capacity for U.S. cattle and hogs, according to
"The supply chains, logistics, and transportation that keep
our society moving are especially vulnerable to ransomware,
where attacks on choke points can have outsized effects and
encourage hasty payments," said threat researcher John Hultquist
with security company FireEye.
U.S. beef and pork prices are already rising as China
increases imports, animal feed costs rise and slaughterhouses
face a dearth of workers.
The cyberattack on JBS could push U.S. beef prices even
higher by tightening supplies, said Brad Lyle, chief financial
officer for consultancy Partners for Production Agriculture.
Any impact on consumers would depend on how long production
is down, said Matthew Wiegand, a risk management consultant and
commodity broker at FuturesOne in Nebraska.
"If it lingers for multiple days, you see some food service
shortages," Wiegand added.
Two kill and fabrication shifts were canceled at JBS's beef
plant in Greeley due to the cyberattack, representatives of the
United Food and Commercial Workers International Union Local 7
said in an email. JBS Beef in Cactus, Texas, also said on
Facebook it would not run on Tuesday.
JBS Canada said in a Facebook post that shifts had been
canceled at its plant in Brooks, Alberta, on Monday and one
shift so far had been canceled on Tuesday.
A representative in Sao Paulo said the company's Brazilian
operations were not impacted.
The United States Cattlemen's Association, a beef industry
group, said on Twitter that it had reports of JBS redirecting
livestock haulers who arrived at plants with animals ready for
Last year, cattle and hogs backed up on U.S. farms and some
animals were euthanized when meat plants shut due to COVID-19
outbreaks among workers.
A JBS beef plant in Grand Island, Nebraska, said only
workers in maintenance and shipping were scheduled to work on
Tuesday due to the cyberattack.
U.S. congressman Rick Crawford, an Arkansas Republican,
called for a bipartisan effort to secure food and cyber security
in the wake of the cyberattack.
"Cyber security is synonymous with national security, and so
is food security," Crawford wrote on Twitter.
Over the past few years, ransomware has evolved from one of
many cybersecurity threats to a pressing national security issue
with the full attention of the White House.
A number of gangs, many of them Russian-speakers, develop
the software that encrypts files and then demand payment in
cryptocurrency for keys that allow the owners to decipher and
use them again. An increasing number of the gangs, and
affiliates who break into some of the targets, now demand
additional money not to publish sensitive documents they copied
In addition to diplomatic pressure, the Biden White House is
taking steps to regulate cryptocurrency transfers and track
where they are going.
(Reporting by Caroline Stauffer, Tom Polansek, Mark Weinraub in
Chicago; Additional reporting by Jeff Mason aboard Air Force
One and Trevor Hunnicutt in Washington, Ana Mano in Sao Paulo
and Joe Menn in San Francisco
Editing by Chizu Nomiyama, Will Dunham and Nick Zieminski)