A group linked to Russia is behind the hacking of the world’s largest meatpacking company, according to a report.
JBS employees returned to work on Wednesday, a day after operations in North America and Australia were hit by the ransomware attack.
The company said it had made “significant progress in resolving the cyberattack”, with the “vast majority” of its plants operating normally by Wednesday.
Operations in Brazil, Mexico and the UK were not affected by the attack.
The group responsible is known as REvil, according to a source cited by Reuters, and investigators have previously said some of its members are thought to be based in Russia.
They attacked Quanta Computer, an Apple supplier, earlier this year, and have previously posted on cybercrime forums offering to sell stolen data.
It has not posted anything relating to the JBS hack on its darkweb site but this is not unusual if a syndicate is negotiating with victims, or if a ransom has been paid.
JBS did not discuss any ransom demand in its statement.
JBS is such a vital part of the US meat industry that if it shut down – even for one day – the country would lose almost a quarter of its beef processing capacity, according to Trey Malone, assistant professor of agriculture at Michigan State University.
US President Joe Biden has launched a review of the threat posed by ransomware attacks and will discuss the issue with Russian President Vladimir Putin when they meet in Geneva on 16 June.
White House press secretary Jen Psaki said: “President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks.”
The JBS hack is the third major attack linked to Russian hackers since Mr Biden became president in January. The other two were aimed at Colonial Pipeline Co and software made by SolarWinds Corp.
David White, president of cyber risk management company Axio, said the US has no cybersecurity requirements for companies other than those in the electric, nuclear, and banking industries.
He said regulation would help, especially for companies with inadequate cybersecurity programmes, but “it’s not the panacea”.