GREELEY, CO – Even while the United States Cattlemen’s Association (USCA) was calling for immediate transportation regulatory relief based on anticipated fall-out from a cyberattack at the world’s largest meat supplier, JBS announced on Thursday that all of its global facilities are fully operational after a cyberattack halted production on Sunday at more than a dozen meatpacking plants.
In a statement on Thursday, the company said that the cyberattack had been “resolved” and the loss was limited to less than one day’s worth of food production. They said it plans to make up for the lost production by the end of next week (June 11).
USCA Pesident Brooke Miller sent a letter this week to Transportation Secretary Pete Buttigieg, saying the transportation regulatory relief is needed to ensure that grocery store shelves stay stocked of fresh meat products.
Miller says it’s important regulatory relief for livestock haulers include relaxation of the hours of service regulations.
In earlier regulatory action, the nation’s U.S. Department of Transportation’s Federal Motor Carrier Safety Administration (FMCSA) had extended its emergency declaration for Hours of Service waivers for the transportation of livestock and livestock feed through Aug. 31.
In a statement on Thursday, the company said that the cyberattack had been “resolved” and the loss was limited to less than one day’s worth of food production. They said it plans to make up for the lost production by the end of next week.
“The criminals were never able to access our core systems, which greatly reduced potential impact. Today, we are fortunate that all of our facilities around the globe are operating at normal capacity, and we are focused on fulfilling our responsibility to produce safe, high-quality food,” said Andre Nogueira, JBS USA CEO.
JBS first became aware of the hack over the Memorial Day weekend. The company said it immediately contacted federal officials and shut down all of its systems to isolate the intrusion. JBS said its encrypted backup servers were not compromised, allowing the company to resume operations in a matter of days.
The Federal Bureau of Investigation attributed the attack to REvil, a Russia-linked Ransomware-as-a-Service operation. REvil, also known as Sodinokibi, provides malware kits for criminal affiliates to launch cyberattacks in exchange for a cut of the profit, usually around 20-30%.
It’s unclear how the criminal group gained access to servers supporting JBS’s North American and Australian IT systems. The company’s operations in Mexico and the UK were not impacted by the breach. The beef plant in Greeley was among the facilities that had to shut down operations earlier in the week due to the hack.
JBS has not said if REvil demanded a ransom and if the company will pay. JBS said it is not aware of any customer, supplier or employee data compromised in the breach. However, cybersecurity experts say the forensic investigation to determine what data was accessed in this kind of attack can take weeks to complete.