One-Fifth of U.S. Beef Capacity Wiped Out by JBS Cyberattack

[cruelsister]

Content source

https://www.bloomberg.com/news/articles/2021-05-31/meat-is-latest-cyber-victim-as-hackers-hit-top-supplier-jbs

"A cyberattack on JBS SA, the largest meat producer globally, has forced the shutdown of some of world’s largest slaughterhouses, and there are signs that the closures are spreading.

JBS’s five biggest beef plants in the U.S. -- which altogether handle 22,500 cattle a day -- have halted processing following a weekend attack on the company’s computer networks, according to JBS posts on Facebook, labor unions and employees. Those outages alone have wiped out nearly a fifth of America’s production. Slaughter operations across Australia were also down, according to a trade group. One of Canada’s largest beef plants was idled for a second day [etc etc}"

Comment---- The Good- they actually have backups that work (Backup servers were not affected, and the company is working to restore systems as soon as possible, according to a statement from JBS USA).

The Bad- the USA puts all the blame on Russia as the hackers are assumed to be running out of there.

The Very Bad- the USA wants to wipe cryptocurrency our totally as the Ransomers are getting paid in this coin.

The Worst- not one peep about organizations utilizing CyberSecurity modalities THAT ACTUALLY WILL PREVENT RANSOMWARE as well as hiring folk who actually understand how such thing work.(sorry for the shout, but God- let's place the responsibility where it belong).

 

[danb]

CS is correct. There are only a handful of products that actually prevent malware. And even less that are user-friendly enough for the masses.

 

[silversurfer]

US: Russian threat actors likely behind JBS ransomware attack​

White House Principal Deputy Press Secretary Karine Jean-Pierre told reporters that Brazil-based JBS S.A. confirmed that it received a ransom demand from attackers likely from Russia.

"Meat producer JBS notified us on Sunday that they are the victims of a ransomware attack. The White House has offered assistance to JBS, and our team and the Department of Agriculture have spoken to their leadership several times in the last day. JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia," Jean-Pierre said.

"The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals. The FBI is investigating the incident and CISA is coordinating with the FBI to offer technical support to the company in recovering from the ransomware attack," the spokeswoman added.

"USDA has reached out to several major meat processors in the United States to ensure they are aware of the situation. We’re assessing any impacts on supply, and the President has directed the administration to determine what we can do to mitigate any impacts as they may become necessary."

US: Russian threat actors likely behind JBS ransomware attack

The White House has confirmed today that JBS, the world's largest beef producer, was hit by a ransomware attack over the weekend coordinated by a group likely from Russia.

www.bleepingcomputer.com

 

[cruelsister]

A better response by the USA would be to evaluate current computer security measures utilized by essential infrastructure and enduring there are competent folk monitoring them. But it seems to be much easier to Assign Blame than to accept Personal Responsibility.

And what if the FBI, after months of investigation finds those responsible? The it would be "let's put them on Trial and maybe some jail-time (good Lick with that as there is no extradition treaty between RSA and USA).

Better would be to employ the standard Moscow Rules- if hackers hit something like Gazprom, a message is circulated that the first one who turns in the perpetrators to the Security Goons gets 1 million USD (no bitcoin, please!) and a free walk. This will stop any further hacking as it is difficult to type new code without hands and even more difficult to read code without eyes.

Active Deterrence is preferable to Passive Litigation.

 

[Lenny_Fox]

Lenny's tip about crypto currency.

Although crypto currency is very volatile and vulnerable to coordinated selling and buying attacks to drive the value up and down, it is also the safe haven for dirty money, because it can't be centrally controlled. The bad reputation of crypto currency (as the preferred payment and banking currency of criminals and terrorists) also has an upside.

Depending on the level of organised crime in a country, criminal activities are good for 4 to 11 percent of a country's economy. So as long criminals have access to crypto currency the value of crypto currency will grow 3 to 8 percent each year (in the long run), because criminals use crypto currency as a safe haven for their surplus cash.

Mining of bitcoins will require more processing power while hardware to mine will be crippled by the vendors to break More's law. So in a few years the growth of bitcoins might not be able to keep up with criminal demand.

So keep an eye on the ups and downs of crypto currency to get an idea of the snake curve.

This strategy worked well for me (I am using a Dutch cryptobroker which allows investment with minimum amount of 5 euro and only asks 0,25 percent fee). I save 50 euro every month. I always put 10 euro on my savings account. So I have on;y 40 euro left to speculate on bitcoin. When bit-coin value has grown less than 1% (compared to previous month) I put all my money on a internet savings account (only 0.3 interest, with EU bank guarantee), when value has risen with 1%, I buy for 10 euro bitcoin and put remaining 30 euro on savings account), when bitcoin rises with 2% I buy for 20 euro bitcoin and remaining 20 euro on savings, when bitcoin rises with 3 percent, I buy for 30 euro bitcoin and remaining 10 on savings account. When bitcoin rises 4 percent or more I buy for 40 euro bitcoin. When bitcoin rises 5% or more I sell 50 bitcoins and put all of my money on savings account.

When my savings account has grown 500 euro, I put 250 euro on a real estate fund (that is the minimum no-fee amount possible for a single participation) and set growth to zero (so I divide savings equally on bank account and real-estate fund account). The real estate savings account has no deposit guarantee (so when they go bankrupt I loose my money), but it is one of the largest real estate funds operating in six EU-countries.

 

[The_King]

If all cryptocurrency are magically stopped or banned everywhere this will not stop Cyber-attacks or even Ransomware attacks from happening.

Competing companies and even Governments will still find use for these type of attacks. Company A can pay attackers in fiat money to disrupt Company B
the list of different scenarios are actually extensive. If they cant get payment in crypto they will just change their MO.

 

[Stopspying]

Cryptocurrencies should be illegal. That market is completely lawless and manipulated, not to mention all the anarcho-captialist crypto geeks whose sole raison d'être is to burn down the current financial system and anyone that has more than them along with it. There are so many things so insidiously wrong with cryptos. Just for starts, let's talk volatility. It's what making vast sums of crypto riches possible. Yet it is a deleterious and destabilizing force.

Not everyone who possesses cryptocurrencies is a criminal, anarchist or manipulative. All of those sectors of wider society invest in 'normal' currencies too. I can't recall the banning of the dollar/euro/yen etc being called for by governments/autorities due to their use by criminals etc. I am aware that 'authorities' and governments manipulate 'official' currencies - i.e. quantitative easing. Yes, cryptocurrencies can be volatile, 'official' currencies like the Argentinian peso - this experienced 25% inflation in 2017 - can fluctuate significantly in value as well. Although this is not quite to the same degree of variation in value as that of Bitcoin during the last six months, but it could still be very significant if you are trying to feed and house a family in Argentina.

A better response by the USA would be to evaluate current computer security measures utilized by essential infrastructure and enduring there are competent folk monitoring them. But it seems to be much easier to Assign Blame than to accept Personal Responsibility.

Yes, it seems very obvious. But taking responsibility seems to be on a downward curve, sadly. Its short-termism as well, putting off the big decisions, kicking the can down the road, a trait that echoes politicians' behaviour where they're looking at the next election usually as the determinate factor for how to portray their views and act. If cyberattacks had been dealt with more efficiently in the past we might not be in such a big mess with regard to it now. We have a government in the UK in which a number of senior ministers campaigned against there being too many experts before they were elected, experts who most likely would have questioned the politicians theories and plans. IT expertise is not something that grows on trees, as in many other fields, but who are the wider population when it comes down to arguing with those who know best and were born to lead?!

 

[MacDefender]

Not everyone who possesses cryptocurrencies is a criminal, anarchist or manipulative. All of those sectors of wider society invest in 'normal' currencies too. I can't recall the banning of the dollar/euro/yen etc being called for by governments/autorities due to their use by criminals etc.

I think a key difference, to be fair, is that crimes committed with government-run currencies and accounts tend not to be anonymous in nature, and law enforcement has gotten very good at following that kind of money trail back to the criminals.

With that said, it's kind of like the debate around everyone having strong encryption / end to end privacy, or access to Tor and truly anonymous VPNs. Criminals use it, but legitimate people who want privacy also want it. I don't think we've managed to find a balance there either

 

[Stopspying]

I think a key difference, to be fair, is that crimes committed with government-run currencies and accounts tend not to be anonymous in nature, and law enforcement has gotten very good at following that kind of money trail back to the criminals.

A fair point. 'Real money' laundering seems to be easier to trace these days, unless a 'rogue' nation state has some involvement in it.

 

[MacDefender]

A fair point. 'Real money' laundering seems to be easier to trace these days, unless a 'rogue' nation state has some involvement in it.

And the other nations tend to penalize rogue nation states too for using their currency in that way. That's definitely something we might lose with decentralized currency, though sometimes I wonder if in practice it's easier. Like I use Coinbase and Robinhood for my casual playing with crypto coins. I'm 100% sure none of that is anonymous

 

[Stopspying]

I'm with you on finding it hard to believe that the use of cryptocurrency marketplaces is anonymous.

 

[cruelsister]

Regarding Bitcoin, here is a Podcast from Brian Dunning of Skeptoid (my absolutely favorite):

Bitcoin Fact and Fiction

Although the entire 16 minute Podcast is excellent (as usual), fast forward to the 6:30 mark for the discussion about criminals and bitcoin.

 

[plat]

Just heard on the evening news: who and what the probable culprit is: The actors: Pinchy Spider | The ransomware: REvil

Source: CBS Evening News

Can't find any printed source yet. Probably it'll be more widely reported tomorrow or in the coming days.

 

[Stopspying]

Just heard on the evening news: who and what the probable culprit is: The actors: Pinchy Spider | The ransomware: REvil

Source: CBS Evening News

Can't find any printed source yet. Probably it'll be more widely reported tomorrow or in the coming days.

I heard similar on the radio here in the UK today, the story mentioned RansomewareEvil as being the group involved.

 

[silversurfer]

The Federal Bureau of Investigations has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world's largest meat producer.

"We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice," says an FBI Statement on JBS Cyberattack.
"We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable."

FBI: REvil cybergang behind the JBS ransomware attack

The Federal Bureau of Investigations has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world's largest meat producer.

www.bleepingcomputer.com

 

[Lenny_Fox]

Regarding Bitcoin, here is a Podcast from Brian Dunning of Skeptoid (my absolutely favorite):

Bitcoin Fact and Fiction

Although the entire 16 minute Podcast is excellent (as usual), fast forward to the 6:30 mark for the discussion about criminals and bitcoin.

While the podcast is fairly accurate about crypto currencies, he is wrong about one thing, does not mention a source for one claim and leaves out info how easy it is to extract illegal money.

Wrong info:
For instance Dollar, Euro and Yen have a percentage of their value guaranteed in gold. So it is backed up by phisical assets.

No source:
He mentions that only 2 percent of transactions are from illegal activities, while he does not mention a source. The DEA reported in 2018 that 10% of the bitcoin transactions (they tracked through the ledgers) were drug related (and that was 'only' related to drugs). Anyway the percent of transactions does not say anything about the total money value related to illegal activities on bitcoin.

Info not told
It is possible to extract money using banks in countries which do not have extradiction treaties with the EU or US or use banks in tax free-haven countries which have their banking system setup for anominity (e.g. number accounts) or use money mules to circumvent tracking.

 

[Chuck57]

Governments around the world fear cryptocurrency, because they don't control it. If you don't have control of a thing, you can't control the people using it. And not being in control of their 'subjects' terrifies politicians. As for the beef shutdown, I don't get it. Slaughterhouses were processing cows long before there were computers, plus butchering and moving the beef to markets.

 

[Stopspying]

...moving the beef to markets.

Moving the product and the markets are all IT based, supermarkets function on a delivery system that is basically just in time, holding little stock in store while constant deliveries keep them stocked with what stock is running low. Take that IT system away and people run the risk of going hungry if they rely on stores as the source.

Fully agree on governments fearing the uncontrollable, plus they can't tax some of the cryptocurrency transactions, much like a lot of governments are very frustrated with their inability to tax big tech where the transactions are made. Many big tech companies have financial bases in regional low-tax havens before posting the profits in their 'home' country.

 

[cruelsister]

Dollar, Euro and Yen have a percentage of their value guaranteed in gold

Actually no such guarantee exists. Although most countries do indeed maintain a gold supply, on average these holdings constitute less than 2% of total money supply. The closest currency to be considered on the Gold Standard is the Tugrik (Mongolia) with about 10-15% of the currency covered.

(Fun Fact- there are actually some cryptocurrencies that are entirely backed by Gold, such as Tether Gold and DigixGlobal tokens.)

 

[Lenny_Fox]

Actually no such guarantee exists. Although most countries do indeed maintain a gold supply, on average these holdings constitute less than 2% of total money supply. The closest currency to be considered on the Gold Standard is the Tugrik (Mongolia) with about 10-15% of the currency covered.

(Fun Fact- there are actually some cryptocurrencies that are entirely backed by Gold, such as Tether Gold and DigixGlobal tokens.)

Reserve value of Euro is guaranteed though ECB's coverage rate which consists of dollars, yens, gold and special drawing rights/bonds check it out yourself European Central Bank: 04/2021 The US has a similar system only US does not capitalize gold against market value, but a historical value (has less impact on coverage rate when gold value rises or falls downward).