The world's largest meat processing company has resumed most production after a weekend cyberattack, but experts say the vulnerabilities exposed by this attack and others are far from resolved.In a statement late Wednesday, the FBI attributed the attack on Brazil-based meat processor JBS SA to REvil, also known as Sodinokibi, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months. The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.President Joe Biden will talk with Russia's president about the cyberattack.White House Press Secretary Jen Psaki said Wednesday the JBS hack was expected to be discussed at a mid-June summit with Russian President Vladimir Putin.She was also asked how the U.S. could respond to this attack."We are not taking any options off the table in terms of how we may respond," Psaki said. "But, of course, there is an internal policy review process to consider that. We are in direct touch with the Russians as well to convey our concerns about these reports."REvil has not posted anything related to the hack on its dark web site. But that's not unusual. Ransomware syndicates as a rule don't post about attacks when they are in initial negotiations with victims — or if the victims have paid a ransom. In October, a REvil representative who goes by the handle "UNKN" said in an interview published online that the agriculture sector would now be a main target for the syndicate. REvil also threatened to auction off sensitive stolen data from victims who refused to pay it. The attack targeted servers supporting JBS's operations in North America and Australia. Backup servers weren't affected and the company said it was not aware of any customer, supplier or employee data being compromised.JBS said late Tuesday that it had made "significant progress" and expected the "vast majority" of its plants to be operating Wednesday.It is not known if JBS paid a ransom. The company hasn't discussed it in public statements, and did not respond to phone and email messages Wednesday seeking comment.The FBI and the White House declined to comment on the ransom. White House Press Secretary Jen Psaki said Wednesday the U.S. is considering all options in dealing with the attack."I can assure you that we are raising this through the highest levels of the U.S. government," she said.Ransomware expert Allan Liska of the cybersecurity firm Recorded Future said JBS was the largest food manufacturer yet to be attacked. But he said at least 40 food companies have been targeted by hackers over the last year, including brewer Molson Coors and E & J Gallo Winery. Food companies, Liska said, are at "about the same level of security as manufacturing and shipping. Which is to say, not very."The attack was the second in a month on critical U.S. infrastructure. Earlier in May, hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid $4.4 million to the hackers.Cybersecurity experts said the attacks targeting critical sectors of the U.S. economy are evidence that industry hasn't been taking years of repeated warnings seriously.Cybercriminals previously active in online ID theft and bank fraud moved into ransomware in the mid-2010s as programmers developed sophisticated programs that permitted the software's more efficient dissemination. The ransomware scourge reached epidemic dimensions last year. The firm CrowdStrike observed over 1,400 ransomware and data extortion incidents in 2020. Most targeted manufacturing, industrials, engineering and technology companies, said Adam Meyers, the company's vice president of intelligence."The problem has been spiraling out of control," said John Hultquist, who heads intelligence analysis at FireEye. "We're already deep into a vicious cycle."Hultquist said ransomware syndicates are going after more critical and visible targets because they've invested heavily in identifying "whales" - companies they think will yield big ransoms.JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.Mark Jordan, who follows the meat industry as the executive director of Leap Market Analytics, said the disruption to the food supply will likely be minimal in this case. Meat has around a 14-day window to move through the market, he said. If a plant is closed for a day or two, companies can usually make up for lost production with extra shifts."Several plants owned by a major meatpacker going offline for a couple of days is a major headache, but it is manageable assuming it doesn't extend much beyond that," he said.Jordan said a closure that runs closer to a week would be more serious, especially for a company like JBS, which controls around one-fifth of the country's beef, pork and chicken supply.Critical U.S. infrastructure might be better hardened against ransomware attacks were it not for the 2012 defeat of legislation that would have set cybersecurity standards for critical industries. The U.S. Chamber of Commerce and other business groups lobbied hard against the bill, condemning it as government interference in the free market. Even a watered-down version that would have made the standards voluntary was blocked by a Republican filibuster in the Senate.Right now, the U.S. has no cybersecurity requirements for companies outside of the electric, nuclear and banking systems, said David White, president of the cyber risk management company Axio.White said regulations would help, particularly for companies with inadequate or immature cybersecurity programs. Those rules should be sector-specific and should consider the national economic risks of outages, he said.But he said regulations can also have an unintentional negative effect. Some companies might consider them the ceiling — not the starting point — for how they need to manage risk, he said."Bottom line: regulation can help, but it is not the panacea,"' White said.JBS plants in Australia resumed limited operations Wednesday in New South Wales and Victoria states, Agriculture Minister David Littleproud said. The company hoped to resume work in Queensland state on Thursday, he said.JBS, which is a majority shareholder of Pilgrim's Pride, didn't say which of its 84 U.S. facilities were closed Monday and Tuesday because of the attack. It said JBS USA and Pilgrim's were able to ship meat from nearly all facilities Tuesday. Several of the company's pork, poultry and prepared foods plants were operational Tuesday and its Canada beef facility resumed production, it said. The plant closures reflect the reality that modern meat processing is heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process; orders, billing, shipping and other functions are all electronic.___Bajak reported from Boston. AP Writers Rod McGuirk in Canberra, Australia; Alan Suderman in Richmond, Virginia; and Nancy Benac, Eric Tucker and Alexandra Jaffe in Washington contributed to this report.

A ransomware attack on the world's largest meat processing company disrupted production around the world just weeks after a similar incident shut down a U.S. oil pipeline.Brazil's JBS SA, however, said late Tuesday that it had made "significant progress" in dealing with the cyberattack and expected the "vast majority" of its plants to be operating on Wednesday."Our systems are coming back online and we are not sparing any resources to fight this threat," Andre Nogueira, CEO of JBS USA, said in a statement. Earlier, the White House said JBS had notified the U.S. of a ransom demand from a criminal organization likely based in Russia. White House principal deputy press secretary Karine Jean-Pierre said the White House and the Department of Agriculture have been in touch with the company several times this week. JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.The closures reflect the reality that modern meat processing plants are heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process, and orders, billing, shipping and other functions are all electronic.JBS, which has not stated publicly that the attack was ransomware, said the cyberattack affected servers supporting its operations in North America and Australia. Backup servers weren't affected and it said it was not aware of any customer, supplier or employee data being compromised.Malone said the disruption could further raise meat prices ahead of summer barbecues. Even before the attack, U.S. meat prices were rising due to coronavirus shutdowns, bad weather and high plant absenteeism. The U.S. Department of Agriculture has said it expects beef prices to climb 1% to 2% this year, poultry as much as 1.5% and pork between by from 2% and 3%.JBS, which is a majority shareholder of Pilgrim's Pride, didn't say which of its 84 U.S. facilities were closed Monday and Tuesday because of the attack. It said JBS USA and Pilgrim's were able to ship meat from nearly all of its facilities Tuesday. The company also said it was making progress toward resuming plant operations in the U.S. and Australia. Several of the company's pork, poultry and prepared foods plants were operational today and its Canada beef facility resumed production, it said. Earlier Tuesday, a union official confirmed that two shifts at the company's largest U.S. beef plant, in Greeley, Colorado, were canceled. Some plant shifts in Canada were also canceled Monday and Tuesday, according to JBS Facebook posts.In Australia, thousands of meat plant workers had no work for a second day Tuesday, and a government minister said it might be days before production resumes. JBS is Australia's largest meat and food processing company, with 47 facilities across the country including slaughterhouses, feedlots and meat processing sites. Jean-Pierre said the White House "is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals." The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.In addition, USDA has spoken to several major meat processors in the U.S. to alert them to the situation, and the White House is assessing any potential impact on the nation's meat supply.JBS has more than 150,000 employees worldwide.It's not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.Ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft, said companies like JBS make ideal targets. "They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a speedy payout," Callow said.Mark Jordan, who follows the meat industry as the executive director of Leap Market Analytics, said the disruption could be minimal assuming JBS recovers in the next few days. Meat processers are used to dealing with delays because of a host of factors, including industrial accidents and power outages, and they make up lost production with extra shifts, he said."Several plants owned by a major meatpacker going offline for a couple of days is a major headache, but it is manageable assuming it doesn't extend much beyond that," he said. Jordan said it will help that U.S. meat demand generally eases for a few weeks between Memorial Day and the July 4 Independence Day holiday.But the attacks can wreak havoc. Last month, a gang of hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid $4.4 million to the hackers.Jason Crabtree, the co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, said Marriott, FedEx and others have also been targeted by ransomware attacks. He said companies need to do a better job of rapidly detecting bad actors in their systems."A lot of organizations aren't able to find and fix different vulnerabilities faster than the adversaries that they're fighting,"' Crabtree said. Crabtree said the government also plays a critical role, and said President Joe Biden's recent executive order on cybersecurity — which requires all federal agencies to use basic security measures, like multi-factor authentication — is a good start.___Durbin reported from Detroit. AP Writer Alan Suderman in Richmond, Virginia, and Alexandra Jaffe in Washington contributed.