© 2024 New Hampshire Public Radio

Persons with disabilities who need assistance accessing NHPR's FCC public files, please contact us at publicfile@nhpr.org.
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations
Purchase your tickets today and be entered to win ALL prizes including $35k toward a new car or $25k in cash during NHPR's Summer Raffle!

Meat-Packer JBS Expects To Operate At Near Full Capacity After Ransomware Attack


JBS, the biggest meat packing company in the world, says it expects operations to be back near full capacity today. The company's recovering from a ransomware attack that the FBI blames on a group based in Russia. NPR national security correspondent Greg Myre is following this one. Good morning, Greg.


KING: So still a developing story here with a lot of implications. What's the latest?

MYRE: So JBS says it is getting back to normal. It has nine big plants around the U.S. This is a quarter of the U.S. meat supply, tens of thousands of workers. All of this was shut down earlier this week. Much of it started to come back on Wednesday. And now, as you noted, the company anticipates operating at more or less full capacity in the U.S. and around the world today. There have been no reports of any real meat shortages or price hikes, so we haven't seen any disruptions. If there are, they're likely to be minimal. But it is another pointed reminder of the threats to critical infrastructure. Last month, it was the Colonial Pipeline, which supplies gas on the East Coast, and now it's JBS. I'm willing to venture that many Americans had never heard of either of these companies a month ago. But now, in fact, we see absolutely how critical they are.

KING: Colonial Pipeline, that was also blamed on a group based in Russia. Is it the same group here? Who is it? Who does the FBI think did this?

MYRE: A different group, it looks like. But the FBI is attributing this to Russian criminals, as with the Colonial Pipeline. It says they were using a malware known as are REvil. And this is a pretty well-known malware. It's been used pretty widely over the past couple of years in ransomware attacks. Now, we have no word that ransom was paid. The company isn't saying one way or the other, but this is often the case. Colonial paid more than $4 million. And often, especially when these cases get sorted out very quickly, that can suggest that ransom was paid. JBS first detected this attack just on Sunday.

KING: The White House has said it's in contact with the Russian government about this incident. But if these are independent actors, how much can the White House really do?

MYRE: Well, very little, especially when an attack is underway. It is important for the government to be aware of the potential fallout, what this could have meant for the food supply. But a decision to pay ransom or not is up to the company. And the company, as in this case and others, calls in private cybersecurity firms to help restore their systems and make sure they're better protected. Now, what the White House has done this morning is Anne Neuberger, who's the top cyber official on the National Security Council, she's released a memo and it emphasizes that companies really have to protect themselves. It's not something the government can do or should do. It says in her memo that, quote, "no company is safe from being targeted by ransomware regardless of size or location. But there are immediate steps you can take to protect yourself." And then she goes on to list several. And a lot of them are pretty basic - computer login, you should have at least two steps, not just one password. Critical data should be backed up and kept offline so that if the hackers do get in and encrypt data, freeze (ph) it up, a company can still function. And a lot of these hacks are pretty simple phishing operations where somebody steals an email. So the defense isn't necessarily all that complicated, but everybody has to do their part.

KING: And, Greg, more broadly, because we keep hearing about these types of attacks and obviously they appear to be getting more serious, what is the Biden administration's strategy for dealing with this?

MYRE: Well, President Biden put out an executive order last month with his broader cyber strategy. They're trying to set up a system of software standards so that companies will know they have a basic level of protection, set up a system for reporting hacks so that the information gets shared widely and then in the aftermath, look at the forensics to share information so companies can better protect themselves. And Biden is also likely to raise this in two weeks on June 16, when he has a summit meeting with President Putin in Geneva.

KING: NPR's Greg Myre. Thanks to your reporting, Greg. We appreciate it.

MYRE: My pleasure. Transcript provided by NPR, Copyright NPR.

Greg Myre is a national security correspondent with a focus on the intelligence community, a position that follows his many years as a foreign correspondent covering conflicts around the globe.
Noel King is a host of Morning Edition and Up First.

You make NHPR possible.

NHPR is nonprofit and independent. We rely on readers like you to support the local, national, and international coverage on this website. Your support makes this news available to everyone.

Give today. A monthly donation of $5 makes a real difference.