Meat Supplier JBS Is The Lastest Company Hit With Ransomware Attack
STEVE INSKEEP, HOST:
The White House says it is engaging directly with the Russian government in response to a ransomware attack, an attack against the world's largest meat supplier. JBS, which is the name of the company, told the White House it believes the attack likely came from a criminal organization in Russia. Twenty percent of the meat and pork in this country is processed by JBS, and the company says its systems are coming back online. NPR national security correspondent Greg Myre is covering this. Greg, good morning.
GREG MYRE, BYLINE: Good morning, Steve.
INSKEEP: Wow. So it's like a Colonial Pipeline attack but on meat. How did this happen?
MYRE: Right, exactly. So JBS said it first detected this cyberattack Sunday, and it hit its computer servers in North America and Australia. Now, this is a huge global company. Its biggest market is here in the U.S., but it's based in Brazil, operates in 20 countries, global sales topped $50 billion last year. And it had to shut down many of its meat processing plants here in the U.S. on Tuesday, as well as Canada and Australia. No meat shortages at supermarkets so far. And a top executive says they're getting their systems back online. Most plants should be operating today. We do not know whether a ransom has been paid.
INSKEEP: I'm feeling like the Colonial Pipeline example might explain why the White House is taking this so seriously. The last big ransomware attack disrupted people's lives, became a political problem, as well as a national security problem. And now here it's happening again.
MYRE: Right. I think this really is driving the Biden administration's desire or the fact that it is jumping in quite quickly. It sent a message to Russia. It says that responsible states do not harbor ransomware criminals. We know the Russian government and criminals have been involved in many of the biggest hacks we've seen recently. The president laid out his plans last month for a more robust approach to cyberattacks. And a big part of that is more cooperation between the government and private companies.
INSKEEP: Well, what can the government really do, though, in a case like this?
MYRE: So this is exactly what I asked Dmitri Alperovitch. He's a leading cyber expert who runs the Silverado Policy Accelerator. He offered a couple suggestions that he considers quite urgent.
DMITRI ALPEROVITCH: There are two things that the Biden administration should do immediately. The first is go after the cryptocurrency, like Bitcoin. That is the oxygen that fuels this ransomware fire.
MYRE: And that's because these criminal hackers use cryptocurrencies to get paid anonymously. It's very hard to trace. And stopping this form wouldn't be easy, probably require some sort of law by Congress or financial regulation. But then he cited an even bigger challenge.
ALPEROVITCH: The second thing is we have to do some deterrence. The vast majority of these criminals are operating out of Russia. And while there's no evidence that the Russian government is involved in these attacks, they're certainly aware of many of these criminals. And we have to confront Putin and demand that these people be arrested and prosecuted right away.
MYRE: And Biden will have that chance to confront Putin face to face in two weeks at a summit scheduled for Geneva, Switzerland.
INSKEEP: Greg, I'm a layman, but I feel like I've heard about ransomware attacks for a number of years now. Is this something that the national security establishment has taken very seriously before now?
MYRE: Well, it certainly gets talked about a lot. I've certainly been to a lot of conferences, all-day events. And then maybe late in the afternoon, there's a panel on ransomware, and you can literally see a lot of people get up and step out for coffee and doughnuts. It can be pretty dry stuff talking about patching holes in your software. But now we're hitting this critical mass. The hackers are getting very good and sophisticated and organized. They're protected by states like Russia. They're hitting critical businesses. Just look at this last year - hospitals have been hit by these attacks while trying to cope with a COVID pandemic, Colonial Pipeline was hit, and this led to gas shortages on the East Coast and now the country's biggest meat supplier. So this is not just a problem for individual companies. It's a problem that's potentially hitting all of us.
INSKEEP: Greg, thanks for your insights.
MYRE: My pleasure.
INSKEEP: That's NPR national security correspondent Greg Myre.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.