JBS SA, the world’s largest meat producer, has made “significant progress” to resolve the cyberattack that hit its global operations and will have the “vast majority” of its plants operational on Wednesday.

“Our systems are coming back online and we are not sparing any resources to fight this threat,” JBS USA Chief Executive Officer Andre Nogueira said in a statement late Tuesday. A union Facebook post said a shift at Greeley in Colorado was set for a regular production day on Wednesday.

The cyberattack forced the shutdown of all of JBS’s U.S. beef plants, which account for almost a quarter of American supplies, according to an official with the United Food and Commercial Workers International Union, which represents workers at the company’s plants in the U.S. All other JBS meatpacking facilities in the country experienced some level of disruption, according to the official.

The weekend attack on the company’s computer networks forced shutdowns at slaughter operations across Australia and idled one of Canada’s largest beef plants. It’s unclear exactly how many plants globally have been affected because JBS has yet to release details. The shutdowns upended agricultural markets and raised concerns about food security as hackers increasingly target critical infrastructure. Livestock futures slumped, while pork prices rose.

A notorious Russia-linked hacking group is behind the attack on JBS, according to four people familiar with the campaign who were not authorized to speak publicly on the matter. The cybergang goes by the name REvil or Sodinokibi.

While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a dark web blog dubbed “Happy Blog” to name and shame victims when they decline to engage in ransom talks. REvil has yet to post a blog item dedicated to JBS.

Russia has no information on the cyberattack, but is in diplomatic contact with the U.S. government, according to Kremlin spokesman Dmitry Peskov. Cybercrime issues will be on the agenda at a June 16 summit between Presidents Joe Biden and Vladimir Putin, he said.

The JBS attack comes three weeks after Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, was targeted in a ransomware attack attributed to a group called DarkSide. Experts have said there’s some evidence linking the group to Russia. That followed a series of devastating hacks against American government agencies, businesses and health facilities, often blamed on Russia or Russia-based hackers at a fraught time in relations between the countries.

Meanwhile, the JBS attack is also thrusting America’s system of churning out cheap meat back into the spotlight.

The sector is dominated by a handful of titans — Tyson Foods Inc., JBS and Cargill Inc. — which control about two-thirds of America’s beef. Taking down even a few plants can completely disrupt supplies, as seen last year when Covid-19 outbreaks idled plants and sparked meat shortages across the country. The industry is so concentrated that idling the JBS plants meant that the U.S. government on Tuesday was prevented from releasing some key meat-pricing data that agricultural markets rely on daily.

“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity,” said U.S. Senator John Thune of South Dakota, the Senate’s second-most powerful Republican.

There have been more than 40 publicly reported ransomware attacks against food companies since May 2020, said Allan Liska, senior security architect at cybersecurity analytics firm Recorded Future.

So far, it’s unclear what the impact on meat prices will be from this latest attack. Retailers don’t always like increasing prices for consumers and may try to resist, according to Michael Nepveux, an economist with the American Farm Bureau Federation. “How long it goes on will impact to what level consumers start to see something at the grocery stores,” he said in a phone interview.

Livestock producers could see some of the more immediate blow. Chicago cattle futures slumped as much as 3.4% Tuesday, before trimming losses. The slaughterhouse closures are exacerbating an existing supply glut of animals.

China Vulnerable

In Asia, the country most at risk from any prolonged shutdown is China, the world’s biggest beef importer. Beef prices are already near a record, and any lengthy supply disruption could push them up even more and stoke food inflation fears. About 30% of JBS’s export revenue comes from Greater China.

The company is also the owner of Pilgrim’s Pride Corp., the second-biggest U.S. chicken producer. William Callicott, president of the Mid-Atlantic Council of Food Inspection Locals, AFGE, said at least two Pilgrim’s Pride poultry plants in Chattanooga, Tennessee, were closed due to the cyberattack.

JBS owns facilities in 20 countries. Its Canada beef facility has resumed production, the company said. Plants in Cactus, Texas, and Grand Island, Nebraska, were planning to restart at least some operations, according to Facebook posts. In Tasmania, Australia, workers at JBS’s Longford beef processing plant have been told operations will resume on Friday, said a spokesman for the Australasian Meat Industry Employees Union in Tasmania.