Slicing Through Cybersecurity: The JBS Hack

George Gershwin once wrote that in summertime, the living is easy. That hasn’t been the experience of American meat processing firm JBS, which determined on Sunday that it was the target of a successful cyberattack.

Fortunately, the attack’s impact was relatively minor compared to other recent breaches such as the one that hit the Colonial Pipeline (America’s largest fuel pipeline). Although some of JBS’s North American and Australian systems were affected, the company took rapid action by suspending and quarantining those systems, notifying relevant authorities, and orchestrating a rapid response involving both internal and external IT security specialists.

security panel

The potential of such attacks to affect the global economy and countless individuals, however, remains both clear and daunting, which is why the White House has already offered assistance to JBS in fully researching and resolving this matter.

White House Principal Deputy Press Secretary Karine Jean-Pierre also notified reporters that, according to JBS, the attack was an attempt at ransomware and was the work of a criminal organization “likely based in Russia.”

Jean-Pierre went on: “The White House is engaging with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals.”

While it appears that this particular attack was foiled by the fact that JBS had very recent backups of the assets criminals had just encrypted, not every organization is so fortunate. Furthermore, the potential consequences of such breaches apply not just to the hacked organizations, but to larger supply chains, other organizations that depend on those supply chains, and ultimately the sum of all their customers worldwide.

JBS USA, for instance, is a subsidiary of the world’s largest meat supplier; needless to say, the ramifications of a more successful hack could have rippled out in staggering ways. As Matt Dalgleish, manager of commodity markets insights at Thomas Elder Markets, told Bloomberg: “Given the size of JBS globally, if they were offline for any more than a week, then we’re going to see disruption to supply chains for sure.”

Much the same observation could be made to key organizations in any other critical industry. By applying pressure to crucial suppliers, and extorting ransoms in proportion to the theoretical total impact, criminal organizations could shake the global economy in potentially catastrophic ways that we can’t even imagine (but they can).

earth from outer space

This is why even relatively contained security breaches like the JBS hack make a stark and unforgettable case for implementing the most advanced, sophisticated security solutions available today.

Just as organizational security is only as strong as its weakest link, so too are global supply chains. Meanwhile, hackers, criminal organizations, and state-sponsored organizations are clearly getting more aggressive and technically sophisticated every year.

Fortunately, equally sophisticated security solutions are available to respond to the threat. Once deployed, they can address the complete IT infrastructure, including every class of critical asset and nearly every type of attack, including the vast majority of zero-day attacks (such as those frequently used in ransomware).

Among the very best security solutions available, for instance, are those in SparkCognition’s DeepArmor® product portfolio. Our AI-powered DeepArmor products leverage adaptive cognitive modeling (not easily-defeated algorithms based on static signatures) to recognize suspicious changes in files such as DLLs, executables, scripts, and even documents. They then take action to shut down the breach, either directly by interoperating with other security solutions or indirectly by notifying security managers.

This fundamentally superior design has translated, year after year, into SparkCognition’s industry-crushing results when tested against zero-day attacks such as those leveraged in high-profile attacks like the Colonial Pipeline breach. (In fact, our internal tests suggest that if it had been deployed, the DeepArmor product would have shut down that breach in or very close to real time.)

To extend the power of our AI-based security as far as possible, the solutions in the DeepArmor portfolio are designed and built to apply to several different operational contexts. Our portfolio includes:

  • The DeepArmor Enterprise product. This offering directly secures traditional IT endpoints such as servers, desktops, and laptops against both malware and human-orchestrated attacks.
  • The DeepArmor Industrial product. This product is specifically designed to secure operational and industrial assets such as pumps, turbines, and generators that may involve outdated management systems and may be difficult or impossible to secure in a conventional manner. It’s also very well suited to fortifying air-gapped assets that are logically and physically cut off from the public Internet.
  • The DeepArmor for MSSPs product. Managed security services providers who know they need AI-driven security capabilities, but lack the expertise to create them in-house, can leverage this offering to fortify their customers’ infrastructures.
  • The DeepArmor SDK product. Much like MSSPs, software developers who create security-centric products may find they need to bolster their features with top-tier cognitive modeling. Our SDK solution empowers them to do this in either of two ways: directly via code or via a virtual container accessed over a network.

It’s true that no two organizations are the same, and thus no single security strategy or architecture can ever deliver perfect protection.

Even so, it’s fair to say that AI-driven security provides the most effective, most comprehensive protection available today against the large and growing panorama of malware, hackers, criminal groups, and state-sponsored groups.

At SparkCognition, we’re proud to create and offer the best of the best cybersecurity. If you’d like to start a dialogue with us about how to leverage our DeepArmor products to ideal effect in your particular organization, feel free to reach out to us at info@sparkcognition.com.

SparkCognition is committed to compliance with applicable privacy laws, including GDPR, and we provide related assurances in our contractual commitments. Click here to review our Cookie & Privacy Policy.