Meat-Packer JBS Expects To Operate At Near Full Capacity After Ransomware Attack
NOEL KING, HOST:
JBS, the biggest meat packing company in the world, says it expects operations to be back near full capacity today. The company's recovering from a ransomware attack that the FBI blames on a group based in Russia. NPR national security correspondent Greg Myre is following this one. Good morning, Greg.
GREG MYRE, BYLINE: Hi, Noel.
KING: So still a developing story here with a lot of implications. What's the latest?
MYRE: So JBS says it is getting back to normal. It has nine big plants around the U.S. This is a quarter of the U.S. meat supply, tens of thousands of workers. All of this was shut down earlier this week. Much of it started to come back on Wednesday. And now, as you noted, the company anticipates operating at more or less full capacity in the U.S. and around the world today. There have been no reports of any real meat shortages or price hikes, so we haven't seen any disruptions. If there are, they're likely to be minimal. But it is another pointed reminder of the threats to critical infrastructure. Last month, it was the Colonial Pipeline, which supplies gas on the East Coast, and now it's JBS. I'm willing to venture that many Americans had never heard of either of these companies a month ago. But now, in fact, we see absolutely how critical they are.
KING: Colonial Pipeline, that was also blamed on a group based in Russia. Is it the same group here? Who is it? Who does the FBI think did this?
MYRE: A different group, it looks like. But the FBI is attributing this to Russian criminals, as with the Colonial Pipeline. It says they were using a malware known as are REvil. And this is a pretty well-known malware. It's been used pretty widely over the past couple of years in ransomware attacks. Now, we have no word that ransom was paid. The company isn't saying one way or the other, but this is often the case. Colonial paid more than $4 million. And often, especially when these cases get sorted out very quickly, that can suggest that ransom was paid. JBS first detected this attack just on Sunday.
KING: The White House has said it's in contact with the Russian government about this incident. But if these are independent actors, how much can the White House really do?
MYRE: Well, very little, especially when an attack is underway. It is important for the government to be aware of the potential fallout, what this could have meant for the food supply. But a decision to pay ransom or not is up to the company. And the company, as in this case and others, calls in private cybersecurity firms to help restore their systems and make sure they're better protected. Now, what the White House has done this morning is Anne Neuberger, who's the top cyber official on the National Security Council, she's released a memo and it emphasizes that companies really have to protect themselves. It's not something the government can do or should do. It says in her memo that, quote, "no company is safe from being targeted by ransomware regardless of size or location. But there are immediate steps you can take to protect yourself." And then she goes on to list several. And a lot of them are pretty basic - computer login, you should have at least two steps, not just one password. Critical data should be backed up and kept offline so that if the hackers do get in and encrypt data, freeze (ph) it up, a company can still function. And a lot of these hacks are pretty simple phishing operations where somebody steals an email. So the defense isn't necessarily all that complicated, but everybody has to do their part.
KING: And, Greg, more broadly, because we keep hearing about these types of attacks and obviously they appear to be getting more serious, what is the Biden administration's strategy for dealing with this?
MYRE: Well, President Biden put out an executive order last month with his broader cyber strategy. They're trying to set up a system of software standards so that companies will know they have a basic level of protection, set up a system for reporting hacks so that the information gets shared widely and then in the aftermath, look at the forensics to share information so companies can better protect themselves. And Biden is also likely to raise this in two weeks on June 16, when he has a summit meeting with President Putin in Geneva.
KING: NPR's Greg Myre. Thanks to your reporting, Greg. We appreciate it.
MYRE: My pleasure.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.