JBS USA officials said in a press release Tuesday that they were making "significant progress" returning to normal operations at their facilities in the United States and Australia after a cyberattack over the weekend affected operations and forced the company to halt production at beef plants in the United States, including JBS Cactus. "JBS USA and Pilgrim's (JBS owns Pilgrim's Pride, a major poultry producer) are a critical part of the food supply chain, and we recognize our responsibility to our team members, producers, and consumers to resume operations as soon as possible," said Andre Nogueira, JBS USA CEO. "Our systems are coming back online, and we are not sparing any resources to fight this threat. We have cybersecurity plans in place to address these types of issues, and we are successfully executing those plans. Given the progress our IT professionals and plant teams have made in the last 24 hours, the vast majority of our beef, pork, poultry, and prepared food plants will be operational tomorrow (Wednesday, June 2)." On Wednesday, company officials issued an update that said they expected to be operating at close to full capacity across their global operations by Thursday.
Activity at the JBS Cactus plant Tuesday was limited to maintenance and shipping, according to Moore County Judge Rowdy Rhoades, who was in contact with local JBS management.
A spokesperson for the White House said Tuesday in a press briefing that JBS had informed the government on Sunday that the company had received a demand for ransom from "a criminal organization likely based in Russia." The spokesperson said the government was in contact with officials from JBS and other meat processors and was "engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals." The FBI is investigating, and the Cybersecurity and Infrastructure Security Agency (CISA) is providing JBS with technical assistance to overcome the effects of the attack.
The spokesperson said federal officials were "assessing any impacts on supply" and trying to determine what steps to take to mitigate those impacts if necessary.
Ransomware is software that infects a computer network and freezes the data. The criminals behind the attack then demand a ransom to release the data. Cyberattacks or ransomware attacks against companies involved in critical infrastructure, cities and other government entities, hospitals, and others have become common recently. An attack in May against Colonial Pipeline Company resulted in a disruption of gasoline deliveries to the east coast and temporary supply shortages.
JBS officials say they are unaware at this time of evidence that any customer, supplier, or employee data had been compromised by the breach of the company's computer network.