JBS SA is starting to at least partially reopen most idled beef plants across North America and Australia after a cyberattack forced the world’s largest meat producer to halt operations.
The Brazilian food giant said late Tuesday that it had made “significant progress” to resolve the attack and would have the “vast majority” of its plants operational by Wednesday. A second shift at its Greeley, Colorado facility, one of the largest beef plants in the U.S., was set for a regular production day, while plants in Texas, Nebraska and Wisconsin were resuming partial operations, company Facebook posts said.
By Thursday, an Omaha plant will resume work while one in Pennsylvania will be back to normal status, labor union leaders said. JBS said its Canadian beef facility in Alberta, one of the largest in the country, has resumed production. Workers at the Longford beef processing plant in Australia have been told operations will resume Friday, according to a spokesman for the Australasian Meat Industry Employees Union in Tasmania.
Sunday’s cyberattack forced JBS to shut down all of its beef plants in the U.S. — accounting for almost a quarter of American supplies — and slow pork and poultry production. Slaughtering operations across Australia were halted and at least one Canadian plant was idled. JBS, which has facilities in 20 countries, also owns Pilgrim’s Pride Corp., the second-biggest U.S. chicken producer. The extent of the outages may never be known as JBS didn’t detail the impact.
The attack and ensuing shutdowns upended agricultural markets and raised concerns about food security as hackers increasingly target critical infrastructure.
Live cattle futures in Chicago had fallen as much as 3.4% from Friday’s close to touch a near five-month low on Tuesday, before rebounding Wednesday by as much as 2.5%. Pork cutouts slid 0.6% in Chicago, trimming gains since Friday to 2.9%.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” JBS USA Chief Executive Officer Andre Nogueira said in Tuesday’s statement.
Fitch Ratings said Wednesday that it doesn’t anticipate any immediate effect on JBS’s credit ratings from the cyberattacks and views future negative ratings implications from the attack as “highly unlikely, provided the company is able to return to normal operations in the near term.”
Shares of JBS fell 1.1% in Sao Paulo trading, underperforming the 1% gain of Brazil’s Ibovespa benchmark Index.
It’s unclear what the impact on meat prices will be from the latest attack. Retailers don’t always like increasing prices for consumers and may try to resist, according to Michael Nepveux, an economist with the American Farm Bureau Federation. “How long it goes on will impact to what level consumers start to see something at the grocery stores,” he said in a phone interview.
Food buyers fear that disruptions from the JBS attack compound already challenging issues in the meat industry when prices are already high.
“It just adds more fuel to the fire,” said Anne Hurtado, a Chicago-based buyer for Amigos Meat Poultry who fears her JBS orders for this week won’t ship on time. “We’ve been seeing a lot of inflation in the meat industry in the past month. Demand has been high, exports have been high.”
Wholesale beef prices out of the meat market in New York are up as much as 2% from Friday, said Kevin Lindgren, director of merchandising at Baldor Specialty Foods.
“Nothing crazy yet,” Lindgren said, though he expects prices will be 10% higher in a week. “It will get progressively higher as the squeeze comes.”
The JBS attack is thrusting America’s system of churning out cheap meat back into the spotlight.
The sector is dominated by a handful of titans — Tyson Foods Inc., JBS and Cargill Inc. — which control about two-thirds of America’s beef. Taking down even a few plants can disrupt supplies, as seen last year when Covid-19 outbreaks idled plants and sparked meat shortages across the country. The industry is so concentrated that idling the JBS plants meant that the U.S. government on Tuesday was prevented from releasing some key meat-pricing data that agricultural markets rely on daily.
“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity,” said U.S. Senator John Thune of South Dakota, the Senate’s second-most powerful Republican.
The JBS attack comes three weeks after Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, was targeted in a ransomware attack attributed to a group called DarkSide. Experts have said there’s some evidence linking the group to Russia. That followed a series of devastating hacks against American government agencies, businesses and health facilities, often blamed on Russia or Russia-based hackers at a fraught time in relations between the countries.
A notorious Russia-linked hacking group is behind the JBS attack, according to four people familiar with the campaign who were not authorized to speak publicly on the matter. The cybergang goes by the name REvil or Sodinokibi.
Russia has no information on the cyberattack, but is in diplomatic contact with the U.S. government, according to Kremlin spokesman Dmitry Peskov. Cybercrime issues will be on the agenda at a June 16 summit between Presidents Joe Biden and Vladimir Putin, he said.
There have been more than 40 publicly reported ransomware attacks against food companies since May 2020, said Allan Liska, senior security architect at cybersecurity analytics firm Recorded Future.
“It is frightening to see the number of critical hacks and cyberattacks coming into the U.S. and critical infrastructure,” Republican Representative Kevin Brady of Texas said to David Westin in a Bloomberg TV interview, adding that business and government need to work together to defend against such attacks. “We have to think through our entire supply chain in every critical part of our economy and identify where those cyber weaknesses could be.”