ALEXANDRIA, VA (June 2, 2021) – According to reports this week, Brazilian-based JBS, the world’s largest meat processing company, has been hit by a cyber-attack causing a shutdown of operations in Australia, Canada, and the U.S., thus affecting thousands of workers.
This incident comes less than one month since Colonial Pipeline was forced to temporarily halt its pipeline operations resulting in major disruption and panic buying on the East coast of the US, which gets almost half its fuel from the pipeline. Colonial Pipeline paid $4.4m to the ransomware organization responsible for the attack and it took a week to restore normal operations. It is currently unclear who attacked JBS, what ransom they demanded, or whether JBS has paid the demand, but they have announced they plan to restore operations in the U.S. on Wednesday June 3rd, less than a week after the attack.
The relatively short outage for JBS should be no comfort to anyone. In the first half of 2021 alone, we have seen cyberattacks on our water and fuel supplies and now our food production; all three are critical infrastructure sectors defined by the U.S. Department of Homeland Security.
The Colonial Pipeline incident has caused the U.S. Transportation Security Administration (TSA) to announce new reporting requirements for the pipeline operators that it oversees. This requires pipeline operators to report cyberattacks on their systems to the U.S. federal government within 12 hours.
While Mission Critical Global Alliance (MCGA) agrees that this reporting requirement is an important step, it will only help with lagging indicators of the U.S. critical infrastructure preparedness. We are still lacking better leading indicators of cybersecurity readiness. Furthermore, MCGA believes that critical infrastructure operators need to be better prepared for what are now considered inevitable cyberattacks on their organizations.
MCGA, along with other organizations and individuals, has been involved in raising awareness of the risk of cybersecurity incidents to our nation’s critical infrastructure for many years. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.
MCGA recommends that other critical infrastructure systems immediately review their response preparedness, from a people, process, and technology perspective:
People – Train everyone to anticipate a cybersecurity incident and know how to respond.
Process – Run regular exercises to ensure that the incident response plan will work when required.
Technology – Implement secure architectures, focusing especially on the segregation of systems so that it is possible to isolate parts of an environment without impacting others.
Training and awareness are key to improving cybersecurity posture. Employees should learn about system concepts, standards, technology, operations, safety and physical security, risk management, and emergency response preparedness. With better awareness and knowledge, a system operator can prepare its people, update its processes, and manage its technology.
# # #