Ransomware attack on world’s largest meat processor highlights a shift in cyberwar strategy

Has the ransomware attack on JBS, the world's largest meat processor, signified a shift in hackers' cyberwar strategy?

The world’s largest meat processing company, JBS, has been hacked by a sophisticated ransomware attack.

The cyber attack caused some operations in Australia, Canada and the US to temporarily shut down, which could lead to shortages of meat of a hike in prices for consumers.

The White House said the attack may have originated from a criminal group likely based in Russia.

“JBS notified [the White House] that the ransom demand came from a criminal organisation likely based in Russia,” White House spokeswoman Karine Jean-Pierre said on Tuesday.

“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” she added.

The latest incident follows a recent cyber attack on Colonial Pipeline, a major fuel supplier in the US — although the group behind this, DarkSide, has since said their only motivation was money.

A shift in cyberwar strategy

The cyber attack on JBS signifies a shift in cyberwar strategy, according to Hitesh Sheth — CEO at Vectra AI, the AI cybersecurity company:

He comments: “The JBS attack is one more signal of a disturbing shift in cyberwar strategy. On the surface it looks like another ransomware attack, but what’s really telling is the choice of targets. This is an important global supply chain moving essential goods to 100+ countries.

“Such attacks on critical infrastructure create a higher form of chaos. Disrupting vital food and fuel supply chains is bigger than stealing credit card numbers or holding health records for ransom. Consider the JBS attackers’ intent; clearly, it’s more than just a pay day; clearly, they don’t care that much about meat.”

“On an almost weekly basis, we’re now confronting the real vulnerability of our essential systems. The motive now runs deeper than ransom – attackers want people, not just businesses, knocked back on their heels. The question is, does our joint commitment to a more effective defence run equally deep? Perhaps these more ambitious attacks like JBS and Colonial Pipeline will finally make us see cybersecurity as the global emergency it is. What bigger signal do we need?

“We understand JBS has told the US federal government that it believes its attacker is likely based in Russia. Underline the “likely,” please. Russia is of course a prime source of cyber chaos. When critical infrastructure in the West is damaged, the broad disruption and street-level worry helps Russian political goals. But in cyberwar, there is a world of difference between a likely culprit and certain culprit. And it’s not helpful to think of cyber conflict as a superpower showdown, some kind of sequel to nuclear terror. We have no shortage of enemies and not all are nation-states. The lasting defence measures I believe we can and will achieve must reduce threats across the landscape — not just those from Russia.”

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

Cyber Attack