PLAINWELL, MI — Following a massive cyber-attack against the world’s largest beef distributor, the JBS beef-processing plant in Plainwell, as well as others across the country, are coming back online.
“Systems are coming back online and JBS USA is not sparing any resources to fight this threat,” a news release from JBS states. “Given the progress IT professionals and plant teams have made in the last 24 hours, the vast majority of the beef, pork, poultry and prepared foods plants will be operational tomorrow.”
While packaging plants were shut down in Plainwell and throughout the United States and Australia, the company was able to ship product from nearly all of its facilities to supply customers on Tuesday, June 1.
John Cakmakci, president of United Food and Commercial Workers Union (UFCW) Local 951 — which oversees more than 1,1000 workers in Plainwell — said that the biggest issue has been the halt in production but as product has been able to go out, they have not run up against meat going bad.
“The refrigeration units didn’t get warm,” he said, adding that very little additional product is kept on hand as orders are filled.
Cakmakci confirmed the Plainwell plant, like other JBS plants across the United States and Australia, was able to get what little product was at the plant out and maintenance mechanics were able to do some preventative maintenance at the plant while production was halted.
“We were able to get a few hundred people back to work today and with a little bit of luck and a lot of work we will be fully functional within 24-36 hours,” he said late Wednesday afternoon.
While JBS operations in the U.S. and Australia were down due to the weekend attack, operations in Mexico and the UK were not impacted and were continuing to conduct business as normal, the company stated.
“It really makes you take heed of what’s going on and reevaluate your processes and procedures because it does leave you quite vulnerable,” Cakmakci said. “I’m pleased with the communication between the company and our members. They are doing the best they can under the circumstances.”
The company is not aware of any evidence at this time that any customer, supplier or employee data has been compromised, it stated in the release.
JBS notified the federal government that it received a ransom demand from the ransomware gang REvil, which is believed to operate in Russia, the AP reported. The company has not discussed the demand in its public statements and Cakmakci told MLive they have not divulged any information to team members.
REvil has not posted anything related to the hack on its darkweb site, the AP reported, stating that is not unusual behavior and “ransomware syndicates as a rule don’t post about attacks when they are in initial negotiations with victims — or if the victims have paid a ransom.”
Ransomware expert Allan Liska of the cybersecurity firm Recorded Future told the AP the attack on JBS was the largest yet on a food manufacturer. But he said at least 40 food companies have been targeted by hackers over the last year, including brewer Molson Coors and E & J Gallo Winery.
The cyber breach comes on the heels of the shutdown of the Colonial Pipeline, which occurred in early May, resulting in the payout of a $4.4 million ransom.
The White House “is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,” principal deputy press secretary Karine Jean-Pierre said earlier.
Also on MLive:
Fire did $1 million in damage to Mackinac Island historic home, cause determined
Old National and First Midwest banks to merge with $45B in assets
How to watch season premiere of ‘Master Chef: Legends’ online with free live stream