Global meat processor JBS Foods has paid the equivalent of $US11 million after cyber attackers held the company for ransom last month.
JBS Foods is one of the world's largest meat processing companies, with operations in Australia, the United States, South America and Canada. On the last weekend of May, cybercriminals attacked the company by breaching its technology systems. As a result, the company closed operations for several days and paid a hefty ransom fee to protect its customer's data.
Unfortunately, the JBS Foods attack demonstrates just how vulnerable businesses are to cyber-attacks. This article will cover the JBS Foods cyberattack and what you can do to prevent a similar breach in your business.
Inside the JBS Foods Cyber Attack
JBS Foods first discovered it was the victim of a cyber attack on Sunday, May 30th 2021. The attack brought down servers that supported the company's North American and Australian IT systems. This prevented staff from accessing the companies computer systems, which they use to keep records, regulatory documentation and operations data.
Immediately, JBS Foods mobilised its operations and IT staff to address the problem. Globally, the company employs over 11,000 people, around 850 of whom work in IT. According to JBS Foods, the company spends $200 million on IT annually.
Ultimately, the JBS Foods attack shut down many of the company's operations for five days.
This affected meat processing plants in Queensland, Tasmania, New South Wales and Victoria. Though these plants have now reopened, meat market analyst Simon Quilty believes that JBS Foods' plants worldwide have been operating at "varying capacities" of 50 - 90% capacity in the wake of the attack.
How The Attack Occurred
JBS Foods was attacked with ransomware. Ransomware is a type of malware that encrypts the files stored on a device or system, rendering them unusable.
Cyber attackers that deploy malware use it to hold a company's data for ransom. If a company pays the ransom, their files are released. Otherwise, many cyber attackers sell the data.
On June 9th, 2021, JBS Foods announced that they had opted to pay the equivalent of $US11 million (roughly $AU14.2 million) in ransom to their attackers. In their statement, JBS Foods CEO Andrew Nogueira explained that "we felt this decision had to be made to prevent any potential risk for our customers."
According to the company, their attackers did not compromise their customer, employee and company data during the attack.
Who Was Responsible For The JBS Foods Cyber Attack?
While some suspected anti-meat activists may have been responsible for the JBS Foods cyber attack, the United States Federal Bureau of Investigation (FBI) has blamed a Russian cyber-criminal group known as 'REvil'.
REvil (who also goes by 'Sodinokibi') is a prolific criminal organisation with a history of targeting businesses, breaching their IT systems, stealing their data and holding the company for ransom.
Last October, an anonymous spokesperson for REVil claimed the criminal group considers the agricultural sector a primary target for their attacks. However, they have targeted other sectors. In late June, REVil carried out two major attacks in just a few hours, targeting UK fashion brand French Connection and Brazilian company Grupo Fleury.
Ransomware: A Serious Threat For Businesses
According to market analyst Matt Daleish from Thomas Elder Markets, JBS Foods paying the ransom sets a dangerous precedent for other businesses. "The fact that it's been fairly widely published that they've paid the ransom — I think it does set a dangerous precedent," he said.
While the JBS Foods attack may seem rare, Quilty says "there is more made" out of cyber-attacks than the international car industry. He told the ABC that in 2020, 10 companies paid between $US300,000 - $US10 million to bring their business online in cyber attacks.
JBS Foods isn't the first large business that cybercriminals have attacked, either. Over the past few months, cybercriminals have targeted brands like Asahi Breweries, Toll Holdings and AFFCo (a New Zealand meat processor).
REvil isn't the only criminal organisation targeting people. According to the Australian Cyber Security Centre (ACSC), Australian's report an average of 164 cybercrimes every day. The head of the ACSC, Abigail Bradshaw, also believes ransomware attacks are an enormous threat to Australian businesses.
"This year, we've seen ransomware attacks on reasonably large businesses, as well as small businesses, which can cripple a business while they try and work out how to keep their business going," she said.
That leaves businesses owners with one fundamental question: how do you protect your business from a ransomware attack?
How To Protect Your Business From A Similar Attack
There are many simple cybersecurity steps you can take to protect your business from ransomware. These steps include:
Using two-factor authentication to protect your accounts
Training your employees to spot cyber attacks
Changing your passwords regularly
Keeping your devices updated
Backing up your data regularly (in case of a breach)
Storing your data in the cloud
Encrypting essential information (including financial or customer information)
You can also use secure communication tools to protect your business. Many attacks rely on communication tools like email to spread ransomware. In these cases, attackers email employees ransomware in links, files and documents. Ransomware implants on their computer when an employee clicks the link or downloads the file.
If your business shares documents frequently, consider switching to a secure document sharing tool like online faxing. Online faxing uses Transport Layer Security (TLS) to encrypt your faxes and transmit them via the internet. This prevents cyber attackers from stealing your data and keeps your business safe from malware.
If you are looking for an online faxing provider you can trust, make sure you partner with eFax. eFax's online faxing system lets you send faxes from your computer, tablet or smartphone. Currently, it's used by over 11 million customers worldwide.
eFax's system is full of business-friendly features, including a PDF converter, free cloud-based storage, large file transfer up to 3GB, email faxing and digital signatures. Moreover, as eFax lets you fax without phone lines, it's also fully NBN-compatible and future proof.
You can try eFax in your business with a 30-day free trial. An eFax free trial includes access to eFax, a free faxing number and up to 400 free faxes.
Start a 30-day free trial by clicking here
or calling 1800 283 361.