New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


JBS Foods Shuts Down Production After Cyberattack

JBS Foods, a leading food company and the largest meat producer globally, had to shut down production at multiple sites worldwide following a cyberattack. The incident impacted multiple JBS production facilities worldwide over the weekend, including those from the United States, Australia, and Canada. JBS is currently the world’s largest beef and poultry producer and the second-largest global pork producer, with operations in the United States, Australia, Canada, the United Kingdom, and more. The Australian government has also been informed of the incident and is currently working with JBS to bring production facilities back online around the country. Currently, there is no information available on the nature of the cyberattack but based on the attackers’ choice to hit the company’s systems over the weekend, there is a high chance that ransomware was involved. Australia’s Agriculture Minister David Littleproud could not confirm this hypothesis but did warn of the severe economic impact on workers at JBS’ offline production facilities, distribution centers, and transportation hubs. “It will depend how long this goes on for, and how long JBS are offline, for it is a supply chain that starts from the farm gate, right through to feed lots, to truck drivers,” Littleproud added. The Australian Meat Industry Employees Union’s Queensland Secretary Matt Journeaux also said that thousands of JBS would be affected by the cyberattack in Australia alone as they will not be able to return to work on Monday.

Analyst Notes

It is currently unknown as to the extent of the attack and if any information was stolen. Customers and suppliers alike should be on the lookout for increased phishing attacks. It is advisable for anyone with an online account on JBS Foods websites to change their login credentials on any other site where the same password was used, so that it cannot be used in other attacks. If available, multi-factor authentication should be enabled to further protect themselves from credential theft.