Iowa pork plant among those affected by ransomware attack on JBS
Tyler JettAt least one Iowa pork plant halted production Tuesday because of a ransomware attack targeting meat producer JBS.
Brian Ulin, secretary-treasurer of United Food & Commercial Workers Local 230, said JBS' Ottumwa plant stopped its slaughtering line. As of Tuesday afternoon, Ulin said the company had only informed workers that it was halting the first and second shifts, which run from about 5 a.m. to 10 p.m.
Ulin said some employees still came in Tuesday to cut and package pigs that already had been slaughtered.
JBS SA informed the U.S. government Sunday that a criminal organization "likely based in Russia" had hacked its computers, White House Deputy Press Secretary Karine Jean-Pierre told reporters Tuesday. She said White House representatives had talked to Russian government officials about the attack, and the FBI was investigating.
By day's end Tuesday, JBS confirmed it had closed all nine of its U.S. beef plants in the wake of its attack. However, the the company's CEO, Andre Nogueira, said in a statement that "the vast majority of our beef, pork, poultry and prepared foods plants will be operational tomorrow.”
"Our systems are coming back online and we are not sparing any resources to fight this threat," he said. "We have cybersecurity plans in place to address these types of issues and we are successfully executing those plans.
Based in Brazil, JBS is one of the largest livestock buyers and meat sellers in the United States, with Iowa plants in Council Bluffs, Marshalltown and Ottumwa. Spokespeople for the company and local UFCW unions in Council Bluffs and Marshalltown did not return calls or emails about the attack.
Dal Grooms, a spokesperson for the Iowa Pork Producers' Association, said the organization was still waiting to hear how the plant shutdowns would impact the state's farmers.
"We're hoping it will be cleared up in a few days," she said. "We don't want it to go on for a full week. If that happens, pig farmers will be facing some difficult choices. They will probably look to smaller plants to see if they can accommodate them."
More:Cybersecurity attack hits world's largest meat supplier JBS' IT systems in the US and Australia
In Ottumwa, where JBS has about 2,100 employees, Ulin said he had not heard anything from the company about how employees whose shifts were cut would be affected. He said he hoped the company would pay them as if they had clocked in for a normal shift.
"As a union, we’re going to do everything we can to ensure that our members are going to get paid," he said. "As far as how that happens, I don’t know yet. JBS hasn’t officially given us that information yet. Right now, everything is up in the air."
Last month, a gang of suspected Russian cybercriminals temporarily shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, in a ransomware. The shutdown sent fuel prices soaring and caused shortages in some part of the country before Colonial Pipeline paid the hackers $4.4 million to end the disrutpion.
In Washington, Jean-Pierre said Tuesday that the White House was “engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals.” The FBI was investigating, and the Cybersecurity and Infrastructure Security Agency was offering technical support to JBS.
In addition, the U.S. Department of Agriculture spoke to several other major meat processors in the U.S. to alert them to the situation, and the White House was assessing any potential impact on the nation’s meat supply.
In a statement Sunday, JBS said the cyberattack affected servers supporting its operations in North America and Australia. The company said it notified authorities and engaged third-party experts to resolve the problem as soon as possible. Backup servers weren't affected.
Thousands of Australian meat plant workers had no work for a second day Tuesday, and a government minister there said it might be days before production resumed. JBS is Australia’s largest meat and food processing company, with 47 facilities across the country including abattoirs, feedlots and meat processing sites. JBS employs around 11,000 people in Australia.
It's not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.
In March, Molson Coors announced a cyberattack had affected its production and shipping.
Staff writer Tyler Jett and the Associated Press contributed to this article.