Less than a month after the Colonial Pipeline was hit with one of the most disruptive ransomware attacks in history, JBS — the world’s largest meat plant — was forced to shut down 9 plants due to a cyberattack. The disruption ended today with plants opening today. While the disruption was short-lived analysts have reported that meat markets could still face price volatility and supply chain disruption.
In a global just in time economy even the shortest-lived disruption can have rippling effects through supply chains as was made evident with skyrocketing prices and fuel shortages at the pump in the wake of the colonial hack.
The JBS is the second attack aimed at critical American business operations. Brazilian based JBS accounts for 20% of the daily US cattle harvest. The cyber-attack effected operations in North America and Australia. The company’s back-up servers remained unaffected. The group behind the hack has yet to be identified but as of now the authorities believe it is a non-government sponsored hacker group.
With the increasing frequencies of these attacks and the scale of disruption to critical supply chains it is now becoming more evident that the emperor has no clothes. Organizations and governments for decades have severely neglected cyber defenses from invisible agents of chaos. In the wake of the S.V.R sponsored SolarWinds hack, the colonial hack, and now the JBS hack, the alarms need to be ringing and the government must bring its attention to Defcom 2.
Organizations and western governments need to create uniformed policies and frameworks designed to mandate cybersecurity for critical business. Cyber disruptions are now imbedded into the greater interest of national security policy. Supply chains are already being severely squeezed as companies are still digesting the hangover of COVID-19 lock down measures, waves of cyber-attacks following only further weakens markets to ably to rebound back to full output capacity.
Chip supply chains are already facing severe disruption rippling through technology and automotive sectors — making the vulnerable even more vulnerable. As manufacturing continues to become more heavily automated organizations must be prepared for the increased vulnerability that comes with it. Creating universal cybersecurity standards are in the best interest of both the private sector and consumers alike.
Paying ransoms to hackers cannot become just a cost of doing business in leu of the impeding chaos of hacker groups releasing data or bricking critical systems. The government is two decades behind in taking any substantive measures to compel organizations to take strong preventative measures to secure critical resources and now businesses are paying the price in the face of policy leadership being in absentia.
Financial services have policy measures in place to protect financial infrastructure as well as policies to stress test balance sheets — these measures now need to extend to critical infrastructure and supply chains otherwise civilizations will find themselves unwittingly waiting to be the subjects of next attack.