John Vestberg’s thoughts provide a beacon of clarity through JBS ransomware attack
In June 2021, JBS, the world’s largest meat production firm, was subject to a huge ransomware attack which impacted customers in the US and Australia.
The Brazilian-based organisation was targeted by the cybercriminal gang, REvil. The Russian group encrypted all JBS’ files and completely disrupted operations with all activity as its US and Australian plants halted in response. JBS is responsible for 20% of the US’ beef supply so the decision to pause wouldn’t have been taken lightly.
In fact, such was the depth of the attack, JBS was left in the position where it felt its only option was to pay the $11 million in Bitcoin being requested by REvil. CEO, Andre Nogueira, explained it was the only option the company had at the time, with it not wanting to impact customers or operations any further. This was against FBI advice.
The attack followed on just weeks after a similar incident on the US Colonial Pipeline orchestrated by DarkSide, another Russia-based group. Once again, however, Clavister’s CEO John Vestberg was able to step up to the fore to provide valuable insights on the situation:
“We often speak about the impact of cyberattacks on critical national infrastructure in relation to utilities, but this highlights the impact an attack on the food chain can have too. The computer networks at meat processing firm JBS were targeted with ransomware – by a criminal organisation likely based in Russia, according to the White House – with the effects felt in operations in the US, Canada and Australia. It’s warned that the attack could have lasting implications on consumers through product shortages and rising prices, similar to the effects of the Colonial Pipeline ransomware attack last month.
“Ransomware is becoming an ever-more popular weapon for cyber criminals as it can offer an incredibly high return. The owners of the Colonial Pipeline admitted to paying a $4.4m ransom to Darkside, the attacker, to end the situation and we should all hope that doesn’t set a worrying precedent.
“Combatting ransomware requires a proactive, not a reactive, response. Using predictive analytics and tools like AI or ML, security teams can see malware morphing and behaving in certain ways. These are red flags and means they can be seen and caught before ransomware can cripple systems, such as JBS’.”
John’s opinions were highly valued once more throughout the tech community. Intelligent CIO exclusively used his thoughts in its piece on the matter. Silicon also used John’s comments and focussed on the similarities between this attack and the attack in May on the Colonial Pipeline. Information Security Buzz also featured John in its series of experts commenting on the matter.
It is fantastic to see what a keystone John is within the cybersecurity community and that he can provide such important insights on these matters.
Check-in with the Clavister blog for more updates on John’s presence in the media.
