Computer networks at JBS were hacked, temporarily shutting down some operations in Australia, Canada and the US, with thousands of workers affected.
The company believes the ransomware attack originated from a criminal group likely based in Russia, the White House said.
The attack could lead to shortages of meat or raise prices for consumers.
In a ransomware attack, hackers get into a computer network and threaten to cause disruption or delete files unless a ransom is paid.
The White House says the FBI is investigating the attack.
“JBS notified [the White House] that the ransom demand came from a criminal organisation likely based in Russia,” White House spokeswoman Karine Jean-Pierre said on Tuesday.
“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals,” she added.
On Wednesday Russia’s Deputy Foreign Minister Sergei Ryabkov told local media the Biden administration had been in contact with Moscow to discuss the cyber-attack.
JBS said it had made “significant progress” in resolving the cyber-attack and hoped the vast majority of its plants would be operational on Wednesday.
The company said on Monday that it suspended all affected IT systems as soon as the attack was detected, and that its backup servers were not hacked.
The United Food and Commercial Workers’ Union, which represents JBS plant employees, has urged the company to ensure workers still receive their pay.
IT systems are essential in modern meat processing plants, with computers used at multiple stages including billing and shipping.
According to the trade group Beef Central, “supermarkets and other large end-users like the McDonald’s burger patty supply network will be some of the most immediately impacted customers, due to their need for consistent supply”.
JBS’s five biggest beef plants are in the US, and the shutdowns have halted a fifth of meat production there, according to Bloomberg.
Plants in Australia and Canada have also been affected but the company’s South American operations have not been disrupted.
Last month, fuel delivery in the south east of the US was crippled for several days after a ransomware attack targeted the Colonial Pipeline. Investigators say that attack was also linked to a group with ties to Russia.
Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom to the cyber-criminal gang responsible.
The US government has recommended in the past that companies do not pay criminals over ransomware attacks, in case they invite further hacks in the future.
