June 28, 2021

This paid piece is sponsored by Eide Bailly LLP.

A version of this article previously appeared on EideBailly.com.

The threat of cyberattacks is always increasing, and the latest breach victimized an industry that is strongly represented in Sioux Falls and the Midwest.

JBS, the world’s largest meat processor, recently paid an $11 million ransom in Bitcoin to hackers who forced the shutdown of its U.S. beef plants, as well as disrupted operations at poultry and pork plants. This ransom was paid in an attempt to secure its data and protect its customers against risk.

JBS is based in Brazil and processes about one-fifth of U.S. beef and pork. The cyberattack on the meat producer caused concern that it would disrupt the market with shortages and create a rise in meat prices. This did not come to pass because JBS was able to resume its operations promptly. The company lost less than a day’s worth of food production during the attack and was able to recoup it in less than a week. JBS reported that the attack did not breach any of its data or the data of its customers.

The company also said it had been targeted in late May by an attack affecting some of the servers powering its IT systems in North America and Australia. This led it to suspend those systems and close down the production plants.

Cyber attacks targeting infrastructure

This breach is the most recent in a chain of cyberattacks targeting critical infrastructure, which has raised concerns about U.S. business vulnerabilities. The suspected criminals behind the attack make up one of the most specialized and sophisticated cybercriminal groups in the world. JBS USA’s ability to quickly resolve the issues resulting from the attack was due to its cybersecurity protocols, redundant systems and encrypted backup servers. The company spends more than $200 million annually on IT and employs more than 850 IT professionals globally.

Should you pay a ransom if hit with ransomware?

Many cybersecurity experts and even the FBI note that you should never pay a ransom because it incentivizes cybercriminals. If criminals know that insurance companies and organizations will continue to pay the ransom, they will continue to attack organizations — no matter the industry or size of the organization.

Even with significant backups, many organizations are willing to pay the ransom because it’s quicker and easier to pay than to have operations down while restoring data. Even if an organization does have sufficient backups and is willing to restore data, cybercriminals have figured out a way to combat the backup. Many cybercriminals have started to exfiltrate sensitive data to hold hostage before they encrypt your data.

Controls to help prevent a ransomware attack

This JBS meat processor hack, as well as the recent Colonial Pipeline attack, are reminders that backups are not the only thing organizations need to be doing to protect against ransomware.

While the FBI was able to recover some of the ransom paid in the Colonial Pipeline attack, organizations shouldn’t assume this always will be the case. Along with backups, other foundational controls should be in place or configured to reduce an organization’s overall risk profile. Examples include:

• Creating and implementing best practice cybersecurity policies and procedures.
• Regularly testing and scanning your environment for security weaknesses.
• Limiting administrative access and following “least-privileged” access-control principles.
• Providing customized security awareness training to all personnel.
• Ensuring all devices are kept up to date with the latest security patches and updates.
• Utilizing proper security controls to detect, prevent and respond to security events.

Dive Deeper: Read more about how to keep your organization safe from cybersecurity attacks at EideBailly.com.