Another day, another ransomware attack. This time it’s JBS, a meat processing company that produces beef, chicken, pork, and meat byproducts in more than 150 plants in 15 countries. It is the world’s largest meat supplier and has over 150,000 employees worldwide. The attack affected operations in Australia, Canada, and the United States.
The good news is that JBS was able to minimize their downtime by using manual processes and backup systems to keep some operations going. The company expects most of the affected facilities to resume normal operations by today.
Innovations making ransomware more dangerous
Ransomware has been in the headlines for years. The first documented case of ransomware was the AIDS ransomware attack in 1989, but modern ransomware wasn’t seen in the wild until Trojan.Gpcoder was observed in 2005. There have been many variants of the software and many infection methods since then, but some new practices and technology innovations have made ransomware much more dangerous:
Extortion: The attackers steal the victim’s data before it is encrypted. If the victim refuses to pay the ransom, the attackers threaten to publish the data on the dark web. The threat of a data breach sometimes encourages victims to pay. When victims are unable or unwilling to pay the ransom, the attackers will publish the data. This was the case in the recent Broward School District attack.
Ransomware gangs: Hacking gangs are not new, but veteran ransomware criminals are now creating their own organizations and putting their collective expertise to work. This appeared to be the case with DarkSide, which specialized (past tense) in digital extortion. These groups build sophisticated operations with multiple departments, and they research their targets before launching a spear-phishing or other attack.
Industrial system attacks: Modern logistics and supply-chain processes integrate on-demand connectivity that enables system monitoring, remote control, and other efficiencies that IoT technologies have to offer. This has created gaps in security and increased the attack surface of these companies. Norsk Hydro, Altran Technologies, and others were disrupted by LockerGoga in 2019. In 2020, researchers discovered EKANS, a piece of ransomware specifically designed to infect industrial control systems (ICS). The control of industrial systems is much more valuable to the public than the exposure of data. This makes these systems a high-value target for ransomware gangs.
Protecting against ransomware attacks
There’s no evidence that JBS was attacked by a state-sponsored group, but these criminal gangs have shown us exactly why cybersecurity is a matter of national security. Simple things can make a huge difference:
- Do not use the same password on multiple accounts.
- Use multi-factor authentication when possible.
- Do not use media of suspicious origin, such as pirated software or a thumb drive found in the parking lot.
- Keep operating systems and applications up to date.
- Be aware of phishing, spear-phishing, and other email attack tactics that can lead to malware infections and account takeovers.
- Do not install something new such as smart appliances or security cameras on a business network without the involvement of IT.
Barracuda offers solutions that protect companies from ransomware and other attacks. For more information visit www.barracuda.com.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology and project management credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn here.