All of JBS’s U.S. Beef Plants Were Forced Shut by Cyberattack
A cyberattack on JBS SA, the largest meat producer globally, forced the shutdown of all its U.S. beef plants, wiping out output from facilities that supply almost a quarter of American supplies.
All of the company’s fed-beef and regional beef plants were forced to shutter, and all other JBS meatpacking facilities in the country experienced some level of disruption to operations, according to an official with the United Food and Commercial Workers International Union.
Slaughter operations across Australia were also down, according to a trade group, and one of Canada’s largest beef plants was idled. That comes after a weekend attack on the Brazilian company’s computer networks, according to JBS posts on Facebook, labor unions and employees.
Hackers now have the commodities industry in their crosshairs with the JBS attack coming just three weeks after Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, was targeted in a ransomware attack. It also happened as the global meat industry battles lingering Covid-19 absenteeism after recovering from outbreaks last year that saw plants shut and supplies disrupted.
Why did this happen?
Because Colonial Pipeline paid the ransom and Biden had “no comment” about it.
It is insanely profitable to be able to ransom huge sectors of the economy when our government doesn’t seem to give a shit.
Well, I give a shit. Here is my idea.
I need to start a company, sort of like a cross between Executive Outcomes and a cybersecurity consultant.
Here is my business model:
Company A gets hacked with ransomware.
Company A calls us.
Our crack team of cybersecurity professionals finds out who the hackers are and where they are located.
Our crack team of pipe hitters goes to where the hackers are and engage in “counter-hacking meatspace wetwork.”
I suspect that there are a lot of very good cybersecurity and counter-hacking experts at the CIA/DIA/DOD/etc, that are not woke and might be looking for high-paying work in the private sector. Same for pipe hitters.
I think South Africa would be a good place to set up shop for such an operation.
I have really wondered why nobody has done your plan yet. We have to know where these people are, or at least know who a few of them are in real life. Can’t we go skin them alive and hang in the public square? Hell even hack them back while we’re at it? There should be physical pain meted out here.
Why, oh, why are so many of these systems not air-gapped? Sure, there’s also the “USB in the parking lot” gambit, but still. Why the need to have these connected? I get the ease of real-time monitoring and data from elsewhere, but the risk is too high.
They’re not air-gapped for the same reason large companies no longer buy server space in colo datacenters or build their own: Most of the systems are vendor-managed and the vendor requires remote access.
Convenience vs Security, the constant struggle of IT pros everywhere.
Target’s credit card system was famously compromised because a small-time HVAC maintenance contractor was hacked, and that contractor had remote access to the Target store network in order to perform remote diagnostics.
Theoretically, it’s cheaper and easier to have a vendor log in remotely to perform a quick health check rather than send someone on site if there’s a problem.
In reality, it greatly increases the available avenues of attack.
With “the cloud” becoming more and more popular, breaches are going to become more prevalent. It’s like the old Willie Sutton quip about why he robbed banks: “That’s where the money is.”
Either the CCP or the SVD (or both) absolutely PWNED Microsoft’s cloud last year because that’s where the data is. That was for espionage purposes, but just you wait until some Croatian hacker group cryptolocks just the right storage frame and completely locks out AWS for 2 or 3 days.
That’ll be a $100 mil ransom and Bezos will pay it without blinking.
Thanks for the explanation. “Convenience” explains it quite well.
For the HVAC example and presumably for many more, the problem could be avoided without giving up the efficiency of remote access by setting up a firewall with detailed filtering rules. That’s a bit more effort but it should make things much more secure. For example, the HVAC contractor needed access to the HVAC machines, but not the cash registers. Why wasn’t the firewall set up to enforce that?
The other simple rule — but unfortunately not easy — is “Don’t run Windows”. That isn’t a 100% solution but it’s close.
Not just Beef. The local chicken plant had to shut down due to this too. They’re back online today, but spent 2 days offline.
Let me know if the rebooted EO needs an armorer who likes to blow shit up and can pull some outer cordon security (hey, I can shoot but I’m honest about my abilities!)
Just saying.
Oh sign me up in a heart beat. Talk about job satisfaction.
Just how much of a meat packing plant is automated? I can see disrupting the purchase order system, or payroll, or something of that nature. But the actually operation? That shouldn’t actually stop the humans (in meat-space – lol) from actually butchering and packaging the meat?
Where I work at a chemical processing plant, we have two independent systems. There’s the regular computer system that can potentially be hacked. That would disrupt communications (internal and external), payroll, HR, stuff like that. Then there’s the actual control system that runs the actual equipment. It is properly “air-gapped” such that no one outside the fence can access it. We can lose our regular computer system but still keep running the equipment.
I can see the pipeline issue (barely, seems like there should be an easy fix). But a meat packing plant got hacked? No way.
Colonial Pipeline shut down because the billing system was locked.
The pipeline worked fine, we now know. It was just that colonial couldn’t charge its customers.
Don,
Food Safety Regulations. All that product must be tracked through the system, and be able to trace the steak all the way back to the the original steer, and the original source ranch.
If they cannot do that tracking and tracing, then all that beautiful beef is nothing more than landfill. If they even think their system is corrupted, they will not slaughter a single animal. Or they will fall back to manual handwritten record keeping, where suddenly you can only slaughter and process as fast as the clerks can process the paperwork. By hand.
Imagine trying to implement a new manual record keeping system without warning, training, or notice?
POLAND! They appear to be serious MoFos
Poland is way too close to the source of most of the Cyber Attacks, Russia and the Balkans. It would be too easy for nation state like Russia to retaliate. You know that Czar Vladimir Putin would love for Poland to give him an excuse to attack them. Just like in 1939, the feckless shits in the rest of Europe would do Jack Squat to aid and defend Poland if Russia attacked. Biden would be just as bad at defending anyone in Western Europe from Russia, China, or Iran.
NATO Treaty? It will be worth as much as all the Disarmament Treaties and Peace Treaties signed in the 1930s.
Or even simpler and more secure, albeit with no control from off-site:
Set up a single computer to show all of the relevant diagnostics on its screen.
Set up a second computer, on a separate network, with a camera to look at the first computer’s screen and stream the image.
Give the contractors access to computer 2’s image stream.
It sounds silly … But I’ve seen this done on for particle accelerator control systems, so users and operators can see status from home but unless you’re on the internal network, you can’t change anything. This was done to avoid tempting hackers to try to damage the accelerator or create a radiation hazard, etc.
Neat. That sure is a failsafe “air gap”, a very literal one. Compared to firewalls, it has the obvious advantage that it’s really fool proof, and that “configuring it correctly” is so simple anyone can do it. I suggested well-configured firewalls earlier but that does need a bit higher standard of competence.