Cyberattack temporarily shuts down Brooks slaughterhouse, exposes ‘vulnerability’ of food system
‘It certainly was not on our radar, certainly was not something we thought could have happened to the beef industry’
The Brooks facility, along with JBS’s five biggest beef plants in the U.S., was idled Sunday after a cyberattack on some of the company’s servers, the Brazilian-owned meat processing giant said in a Monday statement. All shifts for unionized workers at Brooks were cancelled until mid-afternoon Tuesday, when production was able to be restarted, according to the union that represents 2,500 employees at the southern Alberta plant.
“We don’t know a lot at this point about the nature of the attack or what was going on,” said Scott Payne, spokesman for the United Food and Commercial Workers Local 401. “We know that the plant was not operational. If you don’t have the computer systems to run the plant, then it doesn’t matter how many people you’ve got there to do the work — you just can’t run the plant.”
The White House said Tuesday that JBS has informed the U.S. government that it originated from a criminal organization likely based in Russia. The JBS attack follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. southeast.
“Getting back up as quickly as they did, that was certainly a relief to everyone. They should be able to catch up on a weekend pretty quickly with any slowdown there,” Laycraft said.
Still, the attack was another example of how vulnerable North America’s highly consolidated beef industry is to problems affecting large slaughterhouses. The 2012 E. coli outbreak at the Brooks meat processing plant (then owned by XL Foods Inc.), as well as the COVID-19 pandemic that sickened thousands of workers at meat-packing plants across North America, demonstrated how quickly a temporary slaughterhouse closure can begin to back up the agricultural supply chain, leaving ranchers with nowhere to sell their cattle and sending prices plummeting
“It certainly was not on our radar, certainly was not something we thought could have happened to the beef industry,” Tranberg said.
“In North America, I don’t believe that I’ve ever heard of a case like this,” said Sylvain Charlebois, senior director of the Agri-Food Analytics Lab at Dalhousie University. “You don’t really think about it until it happens, but I think this now is really a call for the food industry to think more seriously about cyberattacks.”
The JBS attack exposes the threat to food security posed by cybercrime, said Kelly Sundberg, a cybersecurity expert and Justice Studies professor at Calgary’s Mount Royal University. He said hackers are increasingly sophisticated and often state-sponsored, and global food companies are a tempting target.
“Can you imagine a cyberattack that turned off the irrigation systems of these massive corporate farms throughout the world? Where all of a sudden there’s no water going to the plants and crops are dying?” Sundberg said. “It just shows the vulnerability that exists.”
According to Statistics Canada, about one-fifth of the overall Canadian business population reported being affected by cybersecurity incidents. Forty-three per cent of large businesses (250 or more employees) were affected, compared with 29 per cent of medium-sized businesses (50 to 249 employees) and 18 per cent of small businesses (fewer than 49 employees).
— With files from Bloomberg and Reuters
Via Calgary Herald