The Federal Bureau of Investigation (FBI) said Wednesday that it continues to investigate the weekend cyberattack on JBS but revealed the names of those responsible for the attack.
“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice,” the agency said. “We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries. A cyberattack on one is an attack on us all.”
Meanwhile, JBS said production resumed at all JBS USA and Pilgrim’s facilities on Thursday. The hacking incident was detected on May 30, when the company found servers supporting its IT systems were under attack.
The company said its swift response, robust IT systems and encrypted backup servers allowed for a rapid recovery which limited the loss of food produced during the attack to less than one days’ worth of production.
“Any lost production across the company’s global business will be fully recovered by the end of next week, limiting any potential negative impact on producers, consumers and the company’s workforce,” the company said.
The vast majority of the facilities resumed operations on Tuesday, including all of the pork, poultry, and prepared foods facilities around the world, and the majority of the beef facilities in the U.S. and Australia.
“Thanks to the dedication of our IT professionals, our operational teams, cybersecurity consultants and the investments we have made in our systems, JBS USA and Pilgrim’s were able to quickly recover from this attack against our business, our team members and the food supply chain,” said Andre Nogueira, JBS USA CEO. “The criminals were never able to access our core systems, which greatly reduced potential impact. Today, we are fortunate that all of our facilities around the globe are operating at normal capacity, and we are focused on fulfilling our responsibility to produce safe, high-quality food.”
The company said it is not aware of any evidence at this time that any customer, supplier or employee data has been compromised.
“We would like to thank the White House, the USDA and the FBI for their support in quickly resolving this situation,” Nogueira stated.
The U.S. Department of Agriculture (USDA) continues to work closely with the White House, Department of Homeland Security, JBS USA and others to monitor this situation closely and offer help and assistance to mitigate any potential supply or price issues.
“As part of that effort, USDA has reached out to several major meat processors in the United States to ensure they are aware of the situation, encouraging them to accommodate additional capacity where possible, and to stress the importance of keeping supply moving,” the agency said.
USDA is working with several food, agriculture and retail organizations to underscore the importance of maintaining close communication and working together to ensure a stable, plentiful food supply. "USDA will continue to encourage food and agriculture companies with operations in the United States to take necessary steps to protect their IT and supply chain infrastructure so that it is more durable, distributed and better able to withstand modern challenges, including cybersecurity threats and disruptions.”