Meat producer JBS curtails operations after cyberattack

Meatpacker JBS SA 4.16% was hit by a ransomware attack that took a big chunk of U.S. beef-and-pork processing offline, sending buyers scrambling for alternatives and raising pressure on meat supplies.

Brazil-based JBS, the world’s biggest meat company by sales, told the Biden administration that it was the victim of a ransomware attack, White House principal deputy press secretary Karine Jean-Pierre said on Tuesday. She said JBS reported that the attack originated from a criminal group likely based in Russia.

“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,” Ms. Jean-Pierre said.

JBS had no immediate comment on the White House’s description of the attack.

The attack halted operations at JBS plants across the U.S. that are among the country’s largest, according to worker representatives and notices shared with JBS employees. JBS facilities in Colorado, Iowa, Minnesota, Pennsylvania, Nebraska and Texas were among those affected. Representatives for JBS had no immediate comment on plant operations. JBS operations in Australia and Canada were affected as well as operations in the U.S., according to the company and social-media posts.

For JBS, which processes nearly one-quarter of U.S. beef and about one-fifth of the nation’s pork, the attack illustrates a new threat for an industry that was among the hardest hit by Covid-19. As the pandemic arrived in the U.S., tens of thousands of plant workers were infected, according to labor-union estimates, forcing shutdowns last spring that backed up livestock on farms. Meatpackers spent hundreds of millions of dollars to temporarily boost wages, install temperature scanners and place partitions between work stations.

Meat-market analysts said plant closures resulting from the JBS hack could soon lead to higher consumer prices, which have climbed for many cuts this year due to high demand and a tight labor market. “Even one day of disruption will significantly impact the beef market and wholesale beef prices,” wrote analysts for Steiner Consulting Group, which researches the meat industry.

Plants across the Midwest and South run by Pilgrim’s Pride Corp. PPC -0.25% , the U.S. chicken processor majority-owned by JBS, also suspended processing shifts late Monday and Tuesday, according to notices shared with employees on social media.

Suzanne Rajczi, chief executive of New York-based restaurant supplier Ginsberg’s Foods, said she was looking for a new source for chicken she usually buys from a Pilgrim’s plant in West Virginia that was affected by the cyberattack.

Pilgrim’s canceled a fresh chicken delivery to Ginsberg’s on Tuesday, Ms. Rajczi said. She said Pilgrim’s told her it was trying to add back production lines in coming days but couldn’t say if or when her deliveries would resume.

The attack ratcheted up pressure on a food-supply chain already under strain from labor shortages, production constraints and high transportation costs, Ms. Rajczi said.

“There’s a lot of frenzied buying going on right now,” said Ms. Rajczi. “The whole fresh-commodity supply chain has been stretched to the max.”

The attack is the latest to demonstrate the growing and potentially costly risk to corporate operations posed by such incursions. Such attacks can also affect daily life in the U.S. A cyberattack on fuel supplier Colonial Pipeline Co. last month shut down the fuel supplier’s main fuel conduit for the U.S. East Coast, prompting a run on regional gas stations and helping to push gasoline prices to their highest levels in 6 1/2 years. Since the Colonial attack, lawmakers have warned that criminal ransomware gangs are increasingly targeting U.S. infrastructure and businesses, snarling day-to-day operations.

JBS said that the cyberattack didn’t affect its backup servers, and that the company was working with technology specialists to restore its systems. As of Monday, JBS said that there was no sign that customer, supplier or employee data was compromised. JBS said the attack could delay business with meat buyers, cattle feedlots and other suppliers.

At a JBS beef plant in Souderton, Pa., which the company estimates is the largest beef plant east of Chicago, workers were told no slaughtering or processing would take place Tuesday, according to Wendell Young, president of the local United Food and Commercial Workers International Union, which represents JBS plant employees.

“The goal is to reopen tomorrow, but until they notify us later today, we don’t know about that,” Mr. Young said.

In Greeley, Colo., where JBS runs another major beef-packing plant, shifts were canceled due to the cyberattack, a spokeswoman for the local UFCW chapter said. The JBS beef plant in Cactus, Texas, also canceled Tuesday operations, with the exception of maintenance and some other functions, according to a notice posted to the plant’s Facebook page.

The JBS pork plant in Ottumwa, Iowa, told employees that Tuesday slaughtering and bacon-slicing shifts were suspended, according to a separate Facebook notice. In Worthington, Minn., where JBS runs another pork plant, cutting, trimming and deboning shifts were suspended Tuesday, according to a notice posted to that plant’s Facebook page.

Live cattle-futures trading on the Chicago Mercantile Exchange fell on Tuesday, with the most-active cattle contract closing down Tuesday by 1.9% to nearly $1.17 a pound. The primary factor driving the contract down was the hack, livestock traders said, raising the risk that some plants would be unable to purchase livestock.

“Cattle were backed up going into this week with packers simply not killing enough to allow feedlots to get current,” said Dennis Smith, a commodities broker with Archer Financial Services Inc. “So, the industry had a problem going into the crisis.”

JBS said the attack targeted some of its information technology and that the company has since suspended the use of affected servers. While attacks on IT systems can wreak havoc, cybersecurity experts have said hackers can cause even greater damage if they reach operational technology used to keep factories or other industrial facilities running. A JBS spokeswoman didn’t immediately respond to a request for comment on whether the attack affected the company’s operational-technology systems.

Source: WSJ