JBS attack shows the immense threat posed by ransomware

JBS attack shows the immense threat posed by ransomware

The world’s largest meat supplier, JBS, was forced to halt operations at many of its U.S. and Australian processing plants after a massive cyberattack. This activity threatened supply chains across the world, and resulted in an immediate rise in wholesale red meat prices.

JBS’ plants process nearly a quarter of the beef and a fifth of the pork produced in the U.S. The company has more than 245,000 employees worldwide, and over $50 billion in annual revenue.

This cyberattack, while notable in its own right, is also simply the latest example in a dangerous pattern of escalating ransomware hazards

Ransomware is a rapidly growing threat

Organizations around the world are facing a rapid rise in cyberattack volume, especially in the wake of the COVID-19 pandemic and subsequent widespread shift to work-from-anywhere business models. Many have rushed to adopt new solutions that enable remote data access and collaboration — sometimes without proper vetting, training, or security. This has dramatically increased the attack surface for hungry cybercriminals. Last year, 31% of companies were attacked at least once per day, and over 1,000 had data leaked as a result.

As we predicted in the Acronis Cyberthreats Report 2020, ransomware is proving to be a top threat this year. In the last six months, there have been quite a few high-profile attacks against government agencies, infrastructure, and major international corporations:

  • A supply chain attack against software company SolarWinds compromised thousands of global organizations, including many U.S. federal agencies, setting the stage for further malware delivery.
  • Colonial Pipeline, which provides 45% of all fuel for the U.S. East Coast, was forced to shut down operations for days after a ransomware strike
  • Ireland’s health service operator shut down all IT systems to prevent a ransomware strike from spreading, which crippled diagnostic services and disrupted COVID-19 testing
  • Computing giant Acer was hit with a record-high $50 million ransom demand

The experts at our global network of Acronis Cyber Protection Operations Centers (CPOCs) also pointed to a growing shift in how ransomware gangs operate, with an increased tendency towards data exfiltration — enabling attackers not only to prevent victims from accessing their own files, but also to threaten the public release of highly sensitive data if ransom demands aren’t met.

A new cyberthreat paradigm

Years from now, 2021 may be seen as a pivotal time in how the public began to view cyberthreats. Stories like this have dominated recent headlines, and the real-world impact has been impossible to ignore. Just yesterday, the U.S. Department of Justice announced they’d be elevating investigation of ransomware attacks to a similar priority as terrorism.

“It’s clear that every company out there needs to improve their security posture, but most importantly their business disruption policies,” said Christopher Krebs, former Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), in a recent interview on The Today Show. “If you’re a corporate executive or a state [or] local government agency head, and you thought that you would be spared… guess what, they went after our gas and they went after our hot dogs. Every single corporate executive needs to be convening their cybersecurity teams and their business resilience teams today.”

That call to get IT and security teams in the same room to address the threat is something Acronis has suggested as being core to an effective cyber protection strategy. The silos have to stop.

Final thought

Ransomware remains a high-priority threat, and is poised to continue dominating news headlines for the foreseeable future. With increases in automation, no business can rely on being “too small” or “too insignificant” to escape attackers’ attention — it takes no effort on their part to target your organization.

Any business that relies on data and IT — in short, every business — is vulnerable. The best defense you can implement today is to adopt cyber protection strategies that go beyond simple backup or cybersecurity. An integrated, holistic approach provides more complete cover for workloads and enables unique interactions — like the automated removal of ransomware from backups before restoring data. Solutions that support effective disaster recovery must also be prioritized, as any operational downtime can be devastating to your reputation and your bottom line.

If your company winds up in tomorrow’s front-page headlines, make sure it’s for the right reasons.

For a deeper look into the threats posed by modern ransomware — and strategies for securing your data — register for our upcoming webinar on June 9: “See Inside a Live Ransomware Attack — Then Learn How to Prevent All of Them