A recent cyberattack on JBS S.A. (JBSAY) forced the temporary shutdown of all its U.S. beef-processing plants, stalling output from all its facilities. One-fifth of U.S. beef capacity was wiped out due to JBS supplying roughly 23% of American beef.
The attack was just the most-recent ransomware hack that has affected many industries including gasoline from last month when the Colonial Pipeline was hit and caused a shortage of gas along the East Coast. The Colonial Pipeline attack caused many to go without gas for their vehicles for a short time but the JBS cyberattack is not expected to be as significant. The hack forced JBS to shut down plants on Monday but had already started production back up by Wednesday.
In the short term, some competitors such as Tyson (TSN) and Jefferies Financial Group (JEF), formerly Leucadia, may benefit from JBS being unable to meet production goals due to the shutdown. However, the bigger story is the rise of ransomware attacks and companies being exposed to these cybercrimes especially with the rise of hard-to-track financing brought largely about through the rise of cryptocurrencies.
Rise of Cyber AttacksJBS is not the first company to be hurt by a ransomware hack as everything from small businesses to hospitals and water-treatment plants have been hit recently. Just last month the Washington, D.C. police department was hacked by the Babuk Group in which the group leaked personal information to force payment by the department. According to Homeland Security Secretary Alejandro Mayorkas, ransomware attacks cost victims more than $350 million just last year.
The recent developments are causing some analysts to predict there will be even more attacks as hacking groups discover how lucrative it can be. Laura Hoffner, chief of staff at Concentric, a security and risk-management firm, said recently, "I think it would actually more so be cyber-actors are catching on to how lucrative this business is" when discussing a potential "dry run" according to Fox Business. Colonial Pipeline itself confirmed that it paid $4.4 million to the hackers who broke into their systems. Hackers may avoid going after government systems as most will refuse to negotiate, but holding a firm's system hostage and demanding payment can be profitable and is less risky than dealing with a foreign government.
Effect on CryptoAn interesting piece to consider in all this is the role of cryptocurrency as a form of payment. Cryptocurrencies such as Bitcoin (BTC) and Ethereum (ETH) have been all the rage recently but they sadly make for near perfect forms of payment for these kinds of ransom transactions. Obviously the attackers do not want anyone to know where the money is heading since what they are doing is illegal, thus, cryptocurrencies allow for harder to track financing. Cryptocurrencies such as Bitcoin allow anyone to see any transaction as they are permanently recorded but since wallets are anonymous, investigators cannot make the next connection, that to a person with a physical address that they could with traditional banking.
Bitcoin doesn’t have banks that examine international transactions to make sure everything is above the board. It additionally, doesn’t require PCI compliance that credit cards require with extensive security checks. This is why hackers aren’t going to ask for funds to be transferred to their credit cards as any foreign authority will immediately discover the individual behind the attack. Some of these "features" cryptos are things that make Bitcoin attractive since one of the selling points is that they are an unregulated currency that is not "manipulated" by a central bank or government policies since nothing is cooler these days than hating the government and wanting an unregulated money supply.
However, should ransomware hacks continue to rise and use cryptocurrencies as a form of payment for its hard-to-trace financing, then crypto could be in for a rude awakening when governments either force these currencies to either develop anti-money laundering systems, just ban them outright. When a selling point of your product is autonomous payment and it starts to be used for illegal activity, it won’t take long for institutions to find a way to regulate your service.