CHICAGO (Reuters) -A notorious Russia-linked hacking group is behind the cyberattack against JBS SA that disrupted meat production in North America and Australia, Bloomberg News reported, citing sources.
JBS, the world’s largest meatpacker, said on Tuesday night it had made “significant progress in resolving the cyberattack”.
The “vast majority” of the company’s beef, pork, poultry and prepared foods plants will be operational on Wednesday, according to a statement, easing concerns over rising food prices.
The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast.
The cyber gang goes by the name REvil or Sodinokibi, Bloomberg said.
Multiple ransomware groups such as REvil had said they were shutting down or scaling back operations in May as the U.S. government ramped up pressure after the Colonial hack and would steer clear of government, nonprofit, or healthcare sectors. [nL2N2N30HE]
With North American operations headquartered in Greeley, Colorado, JBS controls about 20% of the slaughtering capacity for U.S. cattle and hogs.
JBS sells beef and pork under the Swift brand, with retailers like Costco Wholesale carrying its pork loins and tenderloins.
JBS also owns most of chicken processor Pilgrim’s Pride Co, which sells organic chicken under the Just Bare brand.
Over the past few years, ransomware has evolved into a pressing national security issue. A number of gangs, many of them Russian speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.
(Reporting by Caroline Stauffer; editing by Steve Orlofsky)