A cyberattack on JBS SA, the largest meat producer globally, has forced the shutdown of some of world’s largest slaughterhouses, and there are signs that the closures are spreading.
JBS’s five biggest beef plants in the U.S. — which altogether handle 22,500 cattle a day — have halted processing following a weekend attack on the company’s computer networks, according to JBS posts on Facebook, labor unions and employees. Those outages alone have wiped out nearly a fifth of America’s production. Slaughter operations across Australia were also down, according to a trade group. One of Canada’s largest beef plants was idled for a second day.
It’s unclear exactly how many plants globally have been affected by the attack as JBS has yet to release details that granular. The prospect of more extensive shutdowns around the world is already upending agricultural markets and raising concerns about food security as hackers increasingly target critical infrastructure. In the U.S., JBS accounts for about a quarter of all U.S. beef capacity and roughly a fifth of all pork capacity. Livestock futures slumped while pork prices rose.
According to annual studies by Accenture and the Ponemon Institute based on extensive surveys of firms and cybersecurity experts, between 2016 and 2018, the average total cost incurred by firms due to malicious cyber activity increased by 58 percent in the United States. Assuming that the total cost to the U.S. economy increased at the same rate as the average cost faced by those surveyed firms, the total cost of cyberattacks in 2018 would be as high as $172 billion (roughly 0.8 percent of 2018 GDP). This assumption likely serves as a lower-bound estimate, however, as the average number of cyberattacks faced by firms globally increased over this period, making it more than likely that the frequency of attacks against U.S. firms also increased. Since 2018 — the last year the study was conducted — the number of cyberattacks, the average cost of cyberattacks, and the total economic costs are likely to have risen even further.
Yesterday on Capital Matters, David Eisner compared today’s ransomware bandits with the Barbary pirates of the past and examined the question of whether ransoms should be paid.
America today faces the modern equivalent of the Barbary pirates. And, similar to the Barbary pirates, today’s hackers often operate with the support or cover of hostile powers. The wisdom of our Founding Fathers should not go ignored. Although most of President Biden’s May 12 executive order was already U.S. government policy, his call to strengthen the cybersecurity of government and its contractors is a correct one. As the administration has correctly indicated, the trade-offs for private companies are complex, and government should generally continue to defer to the decisions of their owners and boards. While Europe has a history, going back to the Crusades, of attempting negotiation and paying tribute, and some colonial leaders (such as Adams) preferred this route, most of our Founding Fathers were resolute in their opposition. American policy today should not waver in its opposition to negotiating with terrorists and paying cyber ransom. Our Founding Fathers did not do it. Neither should we.
Meanwhile, Cale concluded:
The Biden administration should build on the Trump administration’s strategy to confront the rising security and economic threat of cyberattacks. Although the ransom decision itself might be a “private sector decision,” cybersecurity is a common good that requires prioritization by the federal government.