A ransomware attack against the world's largest meat processor is giving a taste of the chaos hackers could cook up with a concerted hack against the agricultural and food sector. It's also prompting renewed calls for government to mandate stringent new cybersecurity protections in industries vital to U.S. economic security, such as agriculture, energy and transportation.

The attack against Brazil-based JBS has halted production at all the company's U.S. meat processing facilities and slaughterhouses across Australia, shutting down about one-fifth of U.S. beef production, Hamza Shaban reports. JBS said it expects to have sufficiently recovered to have most plants operational today, but the shutdown is still threatening a temporary surge in beef and pork prices and roiling an industry already battered by the coronavirus pandemic.

The breach is also stirring memories from just last month when U.S. oil production was severely impaired by a ransomware attack against Colonial Pipeline. In that case, Colonial paid a $4.4 million ransom to the Russia-based criminal group in an effort to unlock its systems and data.

The two hacks offer a dramatic warning about how quickly criminal hackers could send an entire economic sector into a tailspin.

"Everything is connected and everything is vulnerable and it leads us to this place where we can no longer be polite with critical infrastructure and say, 'If you can get around to it, it would be good to do the basics,' " Kiersten Todt, president of Liberty Group Ventures, told me.

"We need to be taking a more assertive position of, 'You have to do the basics and we're going to check up on you,' " she said.

The northern Australian offices of JBS Foods in Brisbane after the U.S. subsidiary of the world's largest meat processing companies said it had been hacked, paralyzing some of its operations. (Patrick Hamilton/AFP/Getty Images)

As with the Colonial breach, the group that targeted JBS is likely based in Russia, White House spokeswoman Karine Jean-Pierre said.

"The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals," she said.

The FBI is investigating the attack and the Agriculture Department has reached out to other major meat processors, asking them to make up for any production shortfalls.

The government, however, has been slow to embrace cybersecurity mandates for companies. The Department of Homeland Security is implementing a suite of new cybersecurity requirements for pipelines. But those regulations came only after the Colonial Pipeline hack. Similar mandates aren't yet on the table for other sectors — including many, such as agriculture and food production, where cybersecurity protections are mostly voluntary.

Todt led a White House cybersecurity commission that argued against government mandating cybersecurity protections for industry in its 2017 report. That report suggested waiting on mandates to see whether companies would improve their own cybersecurity in response to market pressures. Four years later, it's clear the market-driven approach has failed, Todt told me.

"We said if market forces fail, then the government needs to step in. And the reality we have now is that the market is not incentivizing security," she said. "They're actually disincentivizing security … It's kind of stunning."

But new cybersecurity rules will face backlash from industry.

"A one-size-fits-all regulatory approach probably is not the right model for an industry that is as complex as the food and agriculture industry," Scott Algeier, executive director of the Information Technology-Information Sharing and Analysis Center, told me. "The adversaries attacking the networks are creative and agile. Regulations tend to be stagnant and often produce a climate of compliance rather than creative and innovative solutions."

The IT-ISAC is one of several ISAC groups designed to share cybersecurity threat information between companies and to act as a cybersecurity liaison between them and the federal government. The group focuses on IT firms but includes several agricultural companies among its members.

The extent of the damage to JBS still isn't clear. The company said its backup servers were not affected by the breach, and it is working with an outside cybersecurity firm to get back online.

And although this is the most high-profile ransomware attack against a food processor to date, it's far from the first. There have been at least 40 such attacks publicly reported during the past year, Allan Liska, senior intelligence analyst at the cybersecurity firm Recorded Future, told Hamza.

The attacks could be especially devastating because the sector is so consolidated.

Bloomberg News's Simon Casey:

Juliette Kayyem, a Harvard University professor and former DHS official:

The attack could also spur copycats who target controversial industries, such as energy and meat processing, because they believe those attacks will draw less public condemnation, Biella Coleman, a McGill University professor focused on hackers and hacktivism, noted.