JBS ransomware attack: one of the largest data breaches of 2021

Posted on June 07, 2021

On 30 May 2021, global meat processing giant JBS suffered a ransomware attack in Australia, Canada, and the USA which has resulted in massive global commercial and employee disruption.

Brazilian owned JBS shut down multiple facilities after the attack, and sent home thousands of its 11,000 Australian employees. In the USA the company has more than 66,000 employees.

The US government has blamed the ransomware hack on JBS operations on a criminal organisation based in Russia. The motive seems financial, not political or “activist-based”.

What is ransomware?

Ransomware is a type of malicious software (malware). When it gets into a device, it locks up or encrypts the computer or its files, rendering them unusable. Cybercriminals use ransomware to deny a business access to its own files or devices, then demand payment as the price of releasing files and allowing access.

How to spot ransomware

If an attack comes, it is usually pretty clear:

  • Pop-up messages requesting funds or payment to unlock files.
  • No access to devices, or login not working for unknown reasons.
  • Files request a password or a code to open or access them.
  • Files have moved or are not in their usual folders or locations.
  • Files have unusual file extensions, or their names or icons have changed to something strange.

Notifiable Data Breaches (NDB) scheme obligations in Australia

Since February 2018, certain organisations which handle ‘personal information’ must notify a serious data breach, see here, and businesses falling victim to a ransomware attack may be caught by the obligation to notify (see here).

Lessons learnt from JBS

The ramifications of the JBS cyber attack are continuing to unfold. Clearly time will be an important factor in assessing the degree of impact that this ransomware attack inflicts on JBS and its customers.

JBS implemented “lights out” measures on all its computer operation systems; stock is not being moved and thousands of chilled carcases from recently slaughtered cattle were put on hold. The cost of spoiled stock and inability to move stock to some of its largest customers will cost JBS plenty.

The JBS cyber-attack is a timely and sobering reminder that a fast response to a suspected eligible data breach is critical in limiting the consequent harm. Businesses must have a data breach response plan in order to respond quickly and effectively if there is a ransomware or other cyberattack.

JBS is a global, well-resourced, and sophisticated business. Would you be ready for a ransomware attack? We have helped many clients who have suffered actual or suspected data breaches, and helped many others implement response plans. A moderate amount of planning and forethought can save a lot of grief and expense later on. Please contact us for further advice or help.

View all articles