World’s largest meat producer back online after cyberattack
Brazilian-based JBS has said it has made ‘significant’ progress’ in dealing with the global cyberattack on May 30th and expected the ‘vast majority’ of its plants to be operating today, Wednesday, June 2nd.
The attack affected servers supporting its operations in North America and Australia. Backup servers weren’t affected and the company said it was not aware of any customer, supplier or employee data being compromised. Earlier the White House said JBS had notified the US of a ransom demand, however JBS has not publicly stated the attack was ransomware.
In the US, JBS is the second-largest producer of beef, pork and chicken. If it were to shut down for just one day, the country would lose almost a quarter of its beef processing capacity, according to Trey Malone, an assistant professor of agriculture at Michigan State University.
The resulting closures reflect the reality that today’s meat processing plants are heavily automated, for both food and worker safety reasons. Computers collect data at multiple stages of the production process and orders, billing, shipping and other functions are electronic.
Key role companies in supply chains make ideal targets for cyber hackers
JBS plants in Australia, which were also affected, resumed limited operations today also in New South Wales and Victoria and hope to resume in Queensland on June 3rd.
Ransomware experts say companies like JBS make ideal targets for cyber hackers because they play a key role in the food supply chain and threat actors believe this increases their chances of getting speedy payouts.
Such attacks can and do wreak havoc. Last month cyber criminals shut down the operation of the Colonial Pipeline, the largest US fuel pipeline, for almost a week. The closure sparked long queues and panic buying at gas stations across the south east of the country and Colonial Pipeline confirmed it had paid $4.4 million to the hackers.
Ivanti Acquires RiskSense to Combat Cyber Attacks
Ivanti, an IT asset and service management software solutions provider, has acquired RiskSense, a company that works in risk-based vulnerability management and prioritisation, to drive the next evolution of patch management.
This combination of the two companies will enable organisations to ‘shrink their attack surface, prioritise vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management’. The terms of the RiskSense transaction were not disclosed.
“Over the past two years, cyberattacks such as ransomware have crossed the line from being a nuisance to truly disrupting society,” said Srinivas Mukkamala, CEO of RiskSense. “And unpatched vulnerabilities remain one of the common points of infiltration into organisations’ ecosystems. I’m committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritisation and automated patch intelligence can help organisations reduce their exposure and make a major impact in global cyberspace. Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks.”
Providing IT teams with the tools to tackle cyber issues
Solutions from the combined companies are expected to reduce the meantime to detect, discover, remediate, and respond to cyber threats, particularly critical vulnerabilities linked to or associated with ransomware. Together, Ivanti and RiskSense will provide security and IT teams with context and adaptive intelligence regarding what their organisation’s exposures are to vulnerabilities that are being actively exploited, including whether those vulnerabilities are tied to ransomware, and then enable them to quickly remediate those threats.
Ivanti has already integrated the RiskSense Vulnerability Intelligence and Vulnerability Risk Rating, which prioritises and quantifies adversarial risk based on factors such as threat intelligence, in-the-wild exploit trends, and security analyst validation, into Ivanti Neurons for Patch Intelligence.
“This combination will allow us to provide our customers with a holistic view of vulnerabilities and exposures, and then enable them to take fast action through Ivanti Neurons for Patch Intelligence. Customers will be able to greatly reduce their attack surface and risk of breach because of the vulnerability intelligence and the resulting remediation prioritisation based on actively trending exploits and ransomware attacks,” said Jim Schaper, Ivanti Chairman and CEO.