When major cyberattacks happen, most businesses tend not to change their behavior to protect themselves. The recent Colonial Pipeline hack, which caused widespread gas supply issues across the country, should have served as a warning to all American businesses that they need to take cybersecurity more seriously. Now major meat producer JBS USA has issued a press release stating that its servers had been the victim of an “organized” cyberattack. Every industry, even meat, has the potential to be the target of cybercriminals.
The company offered little detail on the incident but did say in its release that, “the company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation.”
Only a few weeks before the Colonial Pipeline attack, the Molson Coors brewing company faced a hack that is still causing a slowdown in production. Coors also offered little detail in its disclosure to the SEC, but many believe that the beverage company was likely the victim of a ransomware attack. In this case, there is a strong likelihood that JBS is also the victim of a ransomware attack.
In a ransomware attack, a bad actor introduces malware to a system that essentially locks the owner out of their own computers unless a ransom is paid. In many cases, if the ransom is not paid, the hacker will destroy or release sensitive data.
The Colonial Pipeline hack was confirmed to be a ransomware attack, and as our analyst found, the ransomware used was packaged and sold as a service so that nearly anyone could use it. This model is known as Ransomware-as-a-Service (RaaS), and it allows even unsophisticated criminals to perpetrate devastating large-scale attacks. For a relatively small fee, or a cut of the proceeds, nearly anyone could potentially hack a major corporation and hold its facilities and data for ransom.
Oftentimes, the target is breached through a weak link in its supply chain. In fact, 82% of companies have suffered a data breach in the past year due to a weakness in the supply chain. The supply chain now represents the most vulnerable link in any company’s cybersecurity, and it is quite possible that JBS had its network infected through a smaller company in its supply chain.
That is largely because smaller companies in the supply chain tend to not take cybersecurity issues seriously because they believe they will not be targeted. Hackers are very much aware of this vulnerability and they exploit small companies to get to bigger fish, without the vendor ever knowing.
When the dust settles, however, and the big fish employs digital forensics, the source of the breach will be uncovered. If a supplier and its lack of proper cybersecurity measures are found to be the reason for a cyberattack, that supplier could not only be held legally liable, but its reputation and standing could also be tarnished.
The attack on JBS will not be the last cyberattack this year. It may not even be the last cyberattack this month. These attacks are preventable, however, as long as companies that do business together do the right thing and protect one another. It is not good business to get hacked, and it is also not good business to let your clients get hacked.