Last Thursday, Federated Co-operatives Ltd. posted on X that it was “experiencing a cybersecurity incident” that was affecting some internal and customer-facing systems at cardlock and retail Co-op locations. It had shut down some systems as a precaution and had brought in experts, the company added.

Gas bars were relatively unaffected.

Some Co-op grocery inventories were affected by the incident.

“We are prioritizing key grocery items and consumer goods for delivery to local Co-ops,” Federated Co-op said on X yesterday.

There is no evidence customer data has been compromised, the company said.

The post Federated Co-op cardlocks “fully operational” company says appeared first on Alberta Farmer Express.

Brian Osterndorff, chair of the board of the Canadian Equipment Dealers Association, and president and CEO of Robert’s Farm Equipment, a seven-store group in Ontario, said on June 26 that they had just been informed that they could use the system again.

Tech firm CDK’s software was taken offline last week after a cyberattack by the BlackSuit ransomware group. CDK is being asked to pay tens of millions of dollars by the hackers. Reuters reported yesterday that the company expected dealers to be offline until at least June 30, but some dealers had functionality returned on June 26.

CDK provides business management software to dealers of all makes of farm equipment, so major dealers of John Deere, CNH and are working without digital systems across the country. CDK is also the leading provider of management software to automobile dealers and thousands of those dealerships are offline.

CDK says it has 15,000 North American dealers on its system.

Wawanesa, Man. farmer Jeff Elder said he was able to get what he needed on a recent parts run to the Rocky Mountain Equipment dealership in Brandon, however staff were relying on memory to find parts or looking them up on their phones.

“They had resorted to writing down orders on paper,” said Elder via text. “He couldn’t invoice me and said I would receive an invoice by email whenever they could get that done.”

Rocky Mountain Equipment declined to comment.

“Everything is being done manually,” said John Schmeiser, President of the North American Equipment Dealers Association (NAEDA) Canada. “You can just imagine the amount of time that our dealerships are spending on manual processes.”

Parts are tracked and managed through digital inventory systems.

“We have to actually know where the part is, in, in a bin, to go out and find it and fulfill that customer’s order without using our computer system to tell us where it is or how many that we have on order.”

Invoicing also has to be manual, said Schmeiser.

Osterndorff said that looking up parts, connecting parts to work orders and completing sales couldn’t be accomplished using their digital system and staff had to do the work manually.

Farmers are spraying and preparing combines for harvest so dealers continue to work as best they can.

“We can’t shut down the business, we have to take care of the customer,” Schmeiser said. “Dealers are really managing through this as best as they possibly can.”

Osterndorff says they have a team of people coming to dig out from the past week’s paperwork and get that information into the digital system.

He says they’ve learned that dealerships can continue to function, “but I think it’s just increased awareness right now of the vulnerability that we all are all have, and the effect that it has in our business.”

Schmeiser said the situation will be a wake-up call for the industry and will place even more emphasis on cyber security.

“I think as an industry as a whole, this whole situation is going to be looked at, at every sector, from the manufacturer point of view and the equipment dealer,” he said.

“We’re asking our customers or farm customers to be a little bit patient with our dealers, as we work through this problem. This is this is an issue that is not only frustrating for our equipment dealers, but can be frustrating for our customers as well.”

—Updated June 27 – adds John Schmeiser’s title, organization.

The post Some farm dealerships back online after cyber attack appeared first on Alberta Farmer Express.

The company on Thursday released that estimate as part of its fourth-quarter financial report, in which it booked a Q4 net loss of $41.49 million on $1.186 billion in sales and a full-year net loss of $311.89 million on $4.739 billion in sales.

During its fourth quarter, on Nov. 6, 2022, Mississauga-based Maple Leaf confirmed it was hit with a “system outage stemming from a cybersecurity incident.”

In Thursday’s report, the company reiterated it “took immediate action and engaged cybersecurity and recovery experts” upon learning of the attack, and “executed its business continuity plans” as it restored affected systems.

Maple Leaf said it was able to maintain operations throughout the event and work with customers and suppliers to “minimize service disruptions,” but nevertheless, its “normal business activities were interrupted.”

With that came the expenses of “system restoration costs, lost sales, overtime, spoiled inventory” and professional fees paid to its experts, the company said.

The company on Thursday estimated fourth-quarter “direct and indirect economic impact” of “at least” $23 million relating to the incident.

Maple Leaf also said it expects to recover some of those costs through related insurance payouts later in 2023. CEO Michael McCain said those amounts can’t yet be booked into the company’s financial results but the company is “very confident” it will be able to recoup some of those costs.

Asked Thursday about the nature of the cybersecurity attack, a company spokesperson said via email the attackers in this case “did try to extort a ransom from us and we refused to pay.”

Maple Leaf in November reported “operational and service disruptions that vary by business unit, plant and site.”

The company’s operations in Canada include hog slaughter plants at Brandon, Man. and Lethbridge, Alta.; five fresh poultry plants in Ontario and one at Edmonton; hatcheries in Ontario and Alberta; five feed mills in Manitoba; and pork and poultry further-processing sites in five provinces. The company recently opened a major new poultry plant at London, Ont.

As for its livestock production, “our farms have adjusted their practices due to the system outage, and we feel confident in our ability to care for our animals and meet their needs,” Maple Leaf said at the time.

On a call with market analysts Thursday, McCain said the $23 million estimate reflects a combination of “incremental” costs incurred as a result of the company’s “entire team” shifting its focus to deal with the incident.

Within less than 48 hours of the attack being discovered, he said, staff were able to shift operations to “fully manual… essentially paper-and-pencil” while company information systems were cleaned and rebooted.

While the company didn’t use the word in its report, the nature of the attack points to ransomware — a form of malware that either encrypts a targeted computer system’s files, rendering them unusable, or removes a system’s sensitive data.

A ransom, usually payable in cryptocurrency, is then demanded of the system’s owner, in exchange for a decryption key or the missing data.

Maple Leaf’s outage isn’t the first ransomware attack in Canada’s meat packing sector. Canadian operations of Brazilian meat packer JBS briefly halted in the summer of 2021 when that company’s U.S. arm was hit by what was later confirmed to be a ransomware attack.

However, where Maple Leaf says it refused to pay, the CEO of JBS USA later confirmed the company did pay a cryptocurrency ransom equivalent to about US$11 million.

Andre Nogueira was quoted by Reuters at the time as saying “we felt this decision had to be made to prevent any potential risk for our customers.” — Glacier FarmMedia Network

The post Cyberattack a $23 million hit on Maple Leaf ledger appeared first on Alberta Farmer Express.

The company said in a release Monday that it “took immediate action and engaged cybersecurity and recovery experts” when it learned of the problem, and its in-house and third-party experts are investigating.

A company representative said separately via email Monday that the incident has caused “operational and service disruptions that vary by business unit, plant and site” but didn’t specify which facilities were or are affected or how.

Mississauga-based Maple Leaf’s operations in Canada include hog slaughter plants at Brandon, Man. and Lethbridge, Alta.; five fresh poultry plants in Ontario and one at Edmonton; hatcheries in Ontario and Alberta; five feed mills in Manitoba; and pork and poultry further-processing sites in five provinces. The company in late September also announced it had completed construction work on a major new poultry plant at London, Ont.

“Our farms have adjusted their practices due to the system outage, and we feel confident in our ability to care for our animals and meet their needs,” Maple Leaf said via email.

Asked Monday about the nature of the incident — a ransomware attack or computer virus, for example — Maple Leaf wouldn’t specify, but said via email it’s “deploying our business continuity plan and implementing workarounds to mitigate the impact on our operations and business.”

Meanwhile, it said it “expect(s) some disruption in our operations and service levels” as it works on “restoring business continuity.”

In its release, it said it “will continue to work with all its customers and suppliers to minimize these disruptions.”

Maple Leaf’s systems outage isn’t the first cybersecurity breach to affect Canada’s meat packing sector. Canadian operations of Brazilian meat packer JBS briefly halted last summer when that company’s U.S. arm was hit by what was later confirmed to be a ransomware attack.

Elsewhere in Canada, major grocery firm Empire Co., whose retail chains include Sobeys, Safeway, IGA and FreshCo among others, also announced Monday its operations have been affected by an unspecified “IT systems issue.”

Empire said in a release its grocery stores remain open as usual and aren’t yet seeing “significant disruptions,” except that some in-store services are “functioning intermittently or with a delay” and some in-store pharmacies are “experiencing technical difficulties in fulfilling prescriptions.” — Glacier FarmMedia Network

The post Cybersecurity ‘incident’ hits Maple Leaf systems appeared first on Alberta Farmer Express.

The Brazilian meatpacker’s arm in the United States and Pilgrim’s Pride, a U.S. chicken company mostly owned by JBS, lost less than one day’s worth of food production following the hack, according to a statement. It said the losses will be recovered by the end of next week.

JBS has recovered faster than some meat buyers and market analysts expected from Sunday’s ransomware attack, which the White House linked to a Russia-based group.

The attack followed one last month by a group with ties to Russia on Colonial Pipeline, which crippled fuel delivery for several days in the U.S. Southeast.

JBS voluntarily shut down all its systems to isolate the intrusion upon learning of the attack, which failed to infect encrypted backup servers, according to the statement.

“The criminals were never able to access our core systems, which greatly reduced potential impact,” said Andre Nogueira, chief executive of JBS USA.

U.S. beef prices initially jumped as the attack tightened supplies. However, American consumers should not see a lasting impact on prices “if the situation continues to resolve quickly,” a U.S. Department of Agriculture official said.

“The market is moving toward normalization,” the official said.

JBS on Tuesday halted cattle slaughtering at its U.S. plants, which process nearly a quarter of America’s beef, according to union officials.

The company’s Canadian beef slaughter plant at Brooks, Alta., also part of the JBS USA unit, reported cancelling shifts Monday and Tuesday but resumed production Tuesday.

By Thursday, the number of cattle slaughtered by U.S. processors including JBS was up 27 per cent from Tuesday and 14 per cent from Wednesday, according to USDA estimates.

Last year, the U.S. meat supply chain buckled as COVID-19 outbreaks closed slaughterhouses, reducing production and raising prices.

“We need to invest in a food system that is durable, distributed and better equipped to withstand 21st century challenges, including cybersecurity threats and other disruptions,” the USDA official said.

— Reporting for Reuters by Tom Polansek in Chicago and Siddharth Cavale in Bangalore. Includes files from Glacier FarmMedia Network staff.

The post JBS says all facilities operating after weekend cyberattack appeared first on Alberta Farmer Express.

A notorious Russia-linked hacking group is behind the cyberattack against JBS, a source familiar with the matter said.

Brazil’s JBS controls about 20 per cent of the slaughtering capacity for U.S. cattle and hogs, so the plants’ reopening should prevent a severe supply-chain disruption.

JBS, the world’s largest meatpacker, said most operations resumed on Wednesday, “including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the U.S. and Australia.”

“We anticipate operating at close to full capacity across our global operations tomorrow,” JBS USA CEO Andre Nogueira said in a statement.

The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast.

It is the third major attack this year tied to Russia, and White House press secretary Jen Psaki said on Wednesday the JBS hack was expected to be discussed at President Joe Biden’s mid-June summit with Russian President Vladimir Putin.

“We’re not taking any options off the table in terms of how we may respond, but of course there’s an internal policy review process to consider that. We’re in direct touch with the Russians, as well, to convey our concerns about these reports,” Psaki added.

“President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks.”

The Russia-linked cyber gang goes by the name REvil and Sodinokibi, the source said.

Cybersecurity investigators have said they believe some members of the REvil ransomware team are based in Russia. The prolific ransomware group, perhaps best known for attacking an Apple Inc. supplier named Quanta Computer earlier this year, previously posted in Russian on cyber-crime forums, marketing stolen data.

In the Quanta Computer case, the hackers sent extortion threats and demanded a payment of US$50 million for the company to regain access to its systems.

Over the past few years, ransomware has evolved into a pressing national security issue. A number of gangs, many of them Russian speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.

Scrambling for beef

With North American operations headquartered at Greeley, Colorado, JBS sells beef and pork under the Swift brand, with retailers such as Costco carrying its pork loins and tenderloins.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses have confronted a labor shortage since COVID-19 outbreaks shut down many U.S. meat plants.

“It’s probably going to be pretty tight for the next few days because even though they (JBS) are going to start opening … who knows how they are going to run,” said Altin Kalo, economist at Steiner Consulting Group. “There’s a fair amount of people that are scrambling (for beef supplies).”

U.S. meatpackers on Wednesday slaughtered 12.5 per cent fewer cattle than a week earlier and eight per cent less than a year earlier, although slaughtering was up about 12 per cent from Tuesday, according to estimates from the U.S. Department of Agriculture.

Plants are expected to return to full capacity in the next couple days, said officials with the United Food and Commercial Workers (UFCW) International Union, which represents over 25,000 JBS meatpacking workers.

JBS also owns most of chicken processor Pilgrim’s Pride, which sells organic chicken under the Just Bare brand.

The company’s operations in Brazil, Mexico and the U.K. were not affected by the attack, JBS said.

Chicago Mercantile Exchange (CME) cattle futures rose on Wednesday after tumbling on Tuesday as the JBS plant shutdowns prevented farmers from delivering their cattle to slaughter plants.

The attack drew attention to the concentrated beef sector in the United States, where four companies including JBS slaughter over 80 per cent of fed cattle and shutdowns of slaughtering plants have a severe impact on prices that ranchers are paid for their cattle.

“The Justice Department needs to take a serious look into the meatpacking industry, and if they cannot, Congress needs to pass reforms that protect a fair and open cattle market,” U.S. senators led by Republican Mike Rounds of South Dakota and Democrat Tina Smith of Minnesota wrote in a letter to Attorney General Merrick Garland.

— Reporting for Reuters by Tom Polansek and Julie Ingwersen in Chicago and Nandita Bose in Washington, D.C.

The post JBS plants reopen as White House blames Russia over hack appeared first on Alberta Farmer Express.

Brazil’s JBS told the U.S. government that a ransomware attack on the company originated from a criminal organization likely based in Russia, according to the White House.

It is not known when JBS will resolve the cyberattack and resume operations at U.S. plants. The disruption quickly affected the beef market, industry analysts said.

JBS and three other beef packers in the U.S. account for the purchase and slaughter of about 85 per cent of all fed cattle.

CME August live cattle futures ended down two cents at 116.6 cents/lb. and hit their lowest price since Jan. 12 (all figures US$). August feeder cattle touched its lowest price since May 7 and closed 2.2 cents weaker at 149.15 cents/lb.

Prices for choice cuts of beef shipped to wholesale buyers in large boxes jumped $3.59, to $334.56 per hundredweight, according to the U.S. Department of Agriculture. Prices for select cuts climbed $5.55, to $306.45/cwt.

U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to USDA estimates. Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and seven per cent from a year ago.

The cyberattacks frustrated livestock producers, who are unable to deliver cattle and hogs that are ready for slaughter to JBS plants while they are closed.

Before the hack, cattle feeders complained about missing out on huge profit margins enjoyed by beef processors like JBS.

Last year, cattle and hog farmers suffered as COVID-19 outbreaks temporarily closed slaughterhouses, backing up livestock on farms and in feed lots.

In the pork market, CME July lean hog futures set a contract high and ended up 0.3 cent at 119.65 cents/lb.

— Tom Polansek reports on agriculture and ag commodities for Reuters from Chicago.

The post U.S. livestock: Cattle futures fall on cyberattack at JBS appeared first on Alberta Farmer Express.

JBS is the world’s largest meatpacker and the cyberattack caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several U.S. states plus at least one in Canada.

The attack follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. Southeast.

White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia’s government about the matter and that the FBI is investigating.

“The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day,” Jean-Pierre said.

“JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” Jean-Pierre added.

JBS sells beef and pork under the Swift brand, with retailers such as Costco carrying its pork loins and tenderloins. JBS also owns most of chicken processor Pilgrim’s Pride, which sells organic chicken under the Just Bare brand.

If the outages continue, U.S. consumers could see higher meat prices during summer grilling season and meat exports could be disrupted at a time of strong demand from China.

The disruption has already had an impact, industry analysts said. U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to estimates from the U.S. Department of Agriculture. Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and seven per cent from a year ago.

Prices for choice cuts of U.S. beef shipped to wholesale buyers in large boxes jumped $3.59, to $334.56 per hundredweight, USDA said (all figures US$). Prices for select cuts climbed $5.55, to $306.45/cwt.

The USDA, Department of Homeland Security and other agencies are closely monitoring the meat and poultry supply, a White House official said. The agencies are also working with agricultural processors to ensure products move efficiently and that no price manipulation occurs as a result of the cyberattack, the official said.

Affected systems suspended

JBS said it suspended all affected systems and notified authorities. It said its backup servers were not affected. A company representative in Sao Paulo said there was no impact on Brazilian operations.

The company said Sunday’s cyberattack affected its North American and Australian IT systems and “resolution of the incident will take time, which may delay certain transactions with customers and suppliers.”

JBS, with North American operations headquartered at Greeley, Colorado, controls about 20 per cent of the slaughtering capacity for U.S. cattle and hogs, according to industry estimates.

“The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments,” said threat researcher John Hultquist with security company FireEye.

U.S. beef and pork prices are already rising as China increases imports, animal feed costs rise and slaughterhouses face a dearth of workers. Any further impact on consumers will depend on how long production is down, market analysts said.

“If it goes on a week or longer, you’ve got a major problem,” said Dennis Smith, broker for Archer Financial Services in Chicago.

Two kill and fabrication shifts were canceled at JBS’s beef plant at Greeley after the cyberattack, representatives of the United Food and Commercial Workers (UFCW) International Union Local 7 said in an email. JBS Beef in Cactus, Texas, also said on Facebook it would not run on Tuesday.

UFCW urged JBS to ensure workers receive their contractually guaranteed pay during the shutdowns.

JBS Canada said in a Facebook post that shifts had been canceled at its plant at Brooks, Alta., on Monday and one shift so far had been canceled on Tuesday. JBS’s Canadian assets also include case-ready meat processing plants at Calgary and at Belleville, Ont.

The United States Cattlemen’s Association, a beef industry group, said on Twitter that it had reports of JBS redirecting livestock haulers who arrived at plants with animals ready for slaughter.

Last year, cattle and hogs backed up on U.S. farms and some animals were euthanized when meat plants were shut during coronavirus outbreaks among workers.

A JBS beef plant in Grand Island, Nebraska, said only workers in maintenance and shipping were scheduled to work on Tuesday.

Over the past few years, ransomware has evolved from one of many cybersecurity threats to a pressing national security issue. A number of gangs, many of them Russian-speakers, develop the software that encrypts files and then demand payment in cryptocurrency for keys that allow the owners to decipher and use them again.

Canadian federal officials in March announced funding for an initiative to promote and improve cybersecurity in the agriculture industry.

That funding, part of a larger national cybersecurity co-operation program, was expected to help close “critical gaps” in the sector.

— Reporting for Reuters by Caroline Stauffer, Tom Polansek and Mark Weinraub; additional reporting by Jeff Mason, Trevor Hunnicutt, Ana Mano and Joe Menn.

The post Ransomware attack on JBS halts Canadian, U.S. slaughter appeared first on Alberta Farmer Express.