The FBI says Russian ransomware group is behind meat supplier cyberattack

The vast majority of JBS' facilities have resumed production.

Employees walk around with face masks at the JBS USA meat packing plant, which on Monday was closed after numerous employees tested positive and two have died from the coronavirus disease (COVID-19), in Greeley, Colorado, U.S., April 14, 2020. REUTERS/Shannon Stapleton (Shannon Stapleton / reuters)

The "vast majority" of JBS' meat processing facilities have resumed production following a cyberattack that took out several factories across the US, Canada and Australia on Monday and Tuesday. The company, which is the world's largest meat processor, anticipates its global operations will be "at near full capacity" by Thursday June 3rd. It adds that it's "not aware of any evidence at this time that any customer, supplier or employee data has been compromised."

The FBI has attributed the cyberattack to Russian group REvil, also known as Sodinokibi. REvil is well-known for using ransomware in an attempt to extract millions of dollars from corporations. It has targeted hundreds of entities, including international money transfer service Travelex, Acer and Apple supplier Quanta. In the latter case, REvil ended up leaking the supposed blueprint for an unannounced MacBook model, and went to Apple for a payout after Quanta refused to negotiate.

REvil has not publicly claimed responsibility for the JBS attack, and it's just one of a number hacking groups that appear increasingly emboldened to pursue high-profile targets like major corporations, critical infrastructure and city governments. Following May's attack on the Colonial Pipeline, which was attributed to the "apolitical" group Darkside, the Department of Homeland Security's TSA announced a new set of cybersecurity requirements for pipeline owners and operators. Those guidelines more-or less amount to "have someone responsible for cybersecurity", "check your systems" and "tell us when something goes wrong more quickly please." The TSA is considering further measures to enhance pipeline security in the future.