One of the country’s largest meat processors, JBS SA, was disabled by a cyberattack last week. The company is back online, but the attack raised questions about vulnerabilities in the food and agriculture supply chain, especially in the wake of other recent attacks on U.S. companies and infrastructure.
Gregory Pompelli is director of the Cross Border Threat Screening and Supply Chain Defense Center at Texas A&M University. He told Texas Standard that cyberattacks aren’t new to that industry, but he expects companies to start taking the threat more seriously – and that could mean more cooperation with the federal government.
“There’s a reinvigorated effort on the part of the federal government to get more involved and make less voluntary some of the surveillance measures … that they might be wanting to implement or wanted to implement but weren’t able to because industry was reluctant,” Pompelli said.
The FBI implicated a Russian-speaking “gang” in the JBS attack. Russian hackers were also responsible for May’s Colonial Pipeline attack, and are suspected in the SolarWinds attack that was uncovered late last year. It’s unclear to what extent, if any, the Russian government was involved in any of the attacks.
Regardless, Pompelli says hackers look for weaknesses in systems and attack them, regardless of what that system is.
“They look for the easiest targets they can find and find ways to circumvent [them],” he said.
He says JBS recovered fairly quickly from the hack.
At this point, he says companies have to focus on minimizing risk rather than preventing attacks altogether because the threat is unavoidable.
“You can’t control the hazards, necessarily. But you can do something to avoid or minimize the vulnerabilities which then reduce the consequences,” Pompelli said.