BACKGROUND:
The world’s largest meat supplier, JBS Foods, has been hit by a cyber-attack, the latest in a string of high-profile international hacks which show no sign of slowing down.
Hackers have been crippling supply chains as a priority, following the Colonial Pipeline attack just weeks ago. Protecting these links between critical systems is vital, as cyber security experts explain below. We can no longer underestimate the supply chain‘s importance or consider its security only as an afterthought. Companies must start protecting it with intelligent cybersecurity.
<p>The recent cyberattack involving JBS, the world\’s largest meat processing company, is unfortunately the latest example in a growing global trend. Organised crime gangs are increasingly targeting large companies which they know they can hold to ransom and whose operations they can severely disrupt. If they price the ransom right, it can be far cheaper and easier for a company to pay up as opposed to losing vast sums of money due to their operations being down. In one recent example, Colonial Pipeline reportedly confirmed that it paid a £3.1m ransom in efforts to stop further misuse of personal information, which can lead to costs rising massively in the form of compensation pay-outs and legal action.</p> <p> </p> <p>These attacks can have devastating consequences for businesses and they can put the information of their customers and employees at risk. The solution is simple: all businesses must ensure that they have sufficient cybersecurity measures in place to protect themselves, and they must follow the guidance when it comes to post-cyberattack protocols. Failing to protect servers, systems and information can mean being forced to pay not only hefty ransoms but also regulatory fines, as well the costs of compensation and litigation.</p> <p> </p> <p>With security experts at Sophos estimating that only 8% of businesses that pay a ransom actually get all their data back, it is clear to see that prevention is the only way forward.</p>
<p>The safety of a nation’s food supply is vital to its national security interests. Although it is unclear at this time whether the attackers intended to disrupt production, as we saw recently with Colonial Pipeline, cyberattacks can have devastating unintended consequences. This attack continues to illustrate that no segment of the public and private sector, regardless of their importance, is off limits to cybercriminals. JBS’s transparency and immediate cooperation with the departments of agriculture and law enforcement of both the United States and Australia was a welcome step in the recovery process. As evidenced by the US State Department’s communications with Russia over this attack, nations are going to have to work together to ensure there is no safe haven for cyber-criminals to use as a base of operations.</p>
<p style=\"font-weight: 400;\">We have already seen this year a dramatic acceleration in nation-state attacks on critical infrastructure, such as the Colonial Pipeline which crippled the US for several days. This isolated attack on JBS can have similarly significant impacts and even threaten global food security. This illustrates exactly why organisations need to significantly advance their cybersecurity posture.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">The FBI are now investigating the attack and most likely, the US government will again focus on trying to identify and prosecute the attackers, instead of looking at how to strengthen defenses. To prevent these types of attacks the most important thing is basic blocking and tackling. Focus on the biggest risks and put strong defenses in place. Then test them continuously to make sure they’re correct and effective. The days of manual cybersecurity are over. Everything must be automated and continuous to support our critical infrastructure and keep the world moving.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">Attackers are increasingly going after organisations that aren’t technology-focused companies and crippling their ability to provide service, creating pressure to pay the ransom quickly. It’s important to remember that while today’s attacks are ransomware, attackers could just as easily launch other types of attack to cripple businesses. That’s why it’s important to use a framework like the NIST CSF and get organized about your security efforts. Don’t simply do a knee-jerk reaction to the latest attack or you’ll chase your tail.</p>
<p>Ransomware attacks on critical national infrastructure including food supplies are becoming all too common. The ransomware attack on JBS isn\’t too dissimilar to the recent Colonial Pipeline ransomware attack, hitting a different type of supply chain and causing significant disruption. It\’s clear these attacks are going to happen. Businesses can\’t be protected all the time but these attacks succeed due to outdated systems and because many organisations still rely on perimeter defense and signature detection tools. This means when the attacker is inside the network, that organisation is completely vulnerable.</p> <p><br />Businesses must learn from the downfall of others. Visibility is crucial for detecting ransomware quick enough to respond before it\’s too late.</p>
<p><a name=\"m_-8875543090392361709_m_9199507181870106149__Hlk73519008\"></a>The attack on JBS is yet another example of the surging threat posed by ransomware, and a stark reminder of the devastation that can be caused to the business operations of those affected. With global supermarkets and some of the world’s largest corporations set to bear the brunt of the disruption caused by the incident, we are reminded of the importance of having a swift response strategy in place to minimise damage, not just within the business, but throughout the entire supply chain.<u></u><u></u></p> <p><u></u> <u></u></p> <p>In today\’s volatile cyber landscape, a quick response to an attack is essential. It\’s not just about identifying a breach when it occurs. Organisations must also have in place a strong incident response strategy, built on a layered approach of people, process and technology. In doing so, organisations can implement intelligent and agile security measures to ensure minimal damage, not only in technical remediation, but also by ensuring that the incident is reported to the authorities quickly to prevent any potential impact on employees, partners or customers and to limit any reputational, financial and legal fallout.</p>