A May 30, 2021, ransomware attack on JBS, one of the world’s largest meat companies, disrupted the company’s operations internationally and ended when the company paid an $11 million ransom to Russian hacker group REvil.
While food production companies are potentially lucrative targets for cyberattacks, JBS was poorly protected against them compared to similar companies, according to cybersecurity experts.
The food and agriculture industry is designated as a Critical Infrastructure Sector by the U.S. Department of Homeland Security, meaning its “incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety.”
The whole industry is vulnerable to attacks like the one on JBS — and they happen quietly and often, according to John Hoffman, senior research fellow at the Food Protection and Defense Institute at the University of Minnesota.
In the aftermath of the JBS ransomware attack, a representative of cybersecurity risk management firm BitSight told national security officials that JBS had “many many issues” with its computer system.
“Overall rating was…
