The JBS Cyberattack and Future Implications

George J. Ziogas
surachat/Adobe Stock

On Sunday, May 30, JBS USA was targeted by an organized cybersecurity attack. The attack on JBS USA’s information systems affected servers in Australian and North American IT systems, resulting in a shut-down of JBS USA operations across several countries. The major meat producer alleges that JBS USA was the victim of a ransomware attack, likely originating from a criminal organization based in Russia. Two days following the attack, Principal Deputy Press Secretary Karine Jean-Pierre spoke from the White House, stating that the White House is dealing directly with the Russian government with regard to the allegations.

This new widespread attack followed closely behind the cyberattack which targeted Colonial Pipeline, forcing the major fuel pipeline to shut down for six days. In light of these attacks, analysis of cybersecurity and the weaknesses faced by corporations are being brought to light. What is ransomware, and why is it so dangerous? What are we doing as a nation as a whole to protect ourselves from the inevitable attempts to attack our technical systems? How are we planning to address citizens’ concerns concerning their personal information and personal safety? Each of these is a troublesome question that must be addressed moving forward.

Definition of Ransomware

First, before understanding ransomware, you must know that ransomware is a type of malware, which is short for ‘malicious software’. Malware can be a virus, worm, Trojan, or other harmful computer program intended to destroy or access sensitive information. Ransomware specifically hijacks victims’ files and encrypts them so that the victim no longer has access to those files. For the victim’s files to be released, the attacker demands that a ransom is paid. So, how exactly does ransomware end up infecting a multi-million-dollar corporation? For now, we can only speculate.

However, we do know that there are many ways that ransomware can gain access to a system. One of the most commonly used methods is a method known as phishing. A phishing attempt happens when a third party masquerades as a trusted sender and links to a file, allowing the attacker to take over the victim’s system.

An example of a phishing attempt is if you receive an email purportedly from your bank which asks you to click a link to sign in and verify your identity. Once you click the link, it will take you to a spoof page that appears to be your bank login page. When you enter your login credentials, the hacker will now have the ability to access your accounts. Usually, the hackers will immediately change any of your password or email information that they can, to make it more difficult for you to regain access to your account.

Phishing can also occur when a hacker sends an email with an attachment for the victim to click. Once the victim clicks the attachment, malware infects their system. These types of phishing attempts often target specific groups of individuals such as bank customers or hiring managers who frequently open resume attachments. In addition to phishing attempts, ransomware can also exploit security holes within a system to gain access and hold files hostage.

Ransomware is dangerous for a multitude of reasons. Probably one of the most important is the potential for loss of critical irreplaceable data. Look at it on a smaller scale, perhaps your local doughnut shop. If their systems were to be infected by ransomware and the attacker blocked all of their files, all business would cease unless they had paper backups for their day-to-day functions. Electronic payments could not be taken. Staff members could not clock in and out for their shifts. Employee files and information could not be viewed, no schedules or calendars or anything contained within the hijacked files could be accessed.

This can be extremely detrimental to a company, especially if one day of lost business can equal millions in lost revenue due to delays or cancellations. Imagine Colonial Pipeline, who had a 2020 operating revenue of $1.32 billion. That equals out to over $3.5 million per day in operating revenue, a loss that could cause even a financially stable corporation to crumble.

Implications for the Future

Presently, much of what is critical to the function of a business is stored electronically and is at risk of being hijacked no matter how strong a company’s technical defenses have proven. Knowing what we know about ransomware and the dangerous effects that can occur as a result of infection, what, if anything, have we done to combat this potential overthrow of our nation’s technology? It would seem that more time and funding would be injected into solidifying a means for combating future cyberattacks. Should the burden of protection fall to the government or to individual corporations and businesses? These are all tough topics to address, but each provides a glimpse into the future and the issues that should be at the forefront of impending political debates.

A cyberattack on such a large corporation could effectively endanger the personal information of countless individuals. If a corporation has files that contain personal data such as names, dates of birth, and social security numbers, the risk extends much further than the fiscal price impacted upon the company. In a sense, the hijacking of a large enough corporation’s data could effectively lead to a sort of technological coup, if you will. Will this be our enemies’ new method of infiltrating and executing attacks against the United States?

More research should be dedicated to ensuring the safety of our technological infrastructure. Perhaps we must re-evaluate our reliance on technology. For each significant corporation, owners should review their business model and perform what-if scenarios to discern the plausibility of the company surviving a ransomware attack. Resources should be made available to support businesses and corporations that are especially susceptible to such attacks. Taking a proactive stance on the issue will most certainly prove more beneficial than sitting waiting for the subsequent takeover.

Prior to both attacks mentioned above, but still in response to the need for ransomware education, CISA, the “Cybersecurity and Infrastructure Security Agency,” launched a campaign to reduce the risk of ransomware. By visiting their website, users can learn about current alerts and statements regarding ransomware attacks. Also listed on the site are guides and fact sheets accompanied by training and webinars to provide support to understand the threat of ransomware attacks.

Seeing that all this information was available before the attack on Colonial Pipeline and before the attack on JBS USA, would it be fair to say that the government-funded efforts are lacking in some form? If that’s not the case, how can we explain two high-profile attacks within less than six months following the unveiling of CISA’s ransomware campaign?

Keeping all of this in mind, the key takeaway from the two ordeals is understanding that change needs to occur. It’s evident that these types of attacks are becoming a pattern, but our response to them will reveal the fate of our future. If we address the issue head-on and determine how we can better protect data, we can get a leg up in the race. If we simply choose not to act, we run the risk of facing attacks of greater and greater detriment until soon an economic crisis is unavoidable.

Comments / 0

Published by

HR Consultant | Life Coach | Freelance Writer | Delivering content with the reader’s interests in mind.

New York, NY

More from George J. Ziogas

Comments / 0