Meat company JBS USA paid $11 million ransom in cyberattack
The world’s largest meat processing company says it paid the equivalent of USD 11 million to hackers who broke into its computer system last month.
JBS USA in a press statement, at the time of payment, the vast majority of the company’s facilities were operational. In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The FBI stated this is one of the most specialized and sophisticated cybercriminal groups in the world. JBS USA’s ability to quickly resolve the issues resulting from the attack was due to its cybersecurity protocols, redundant systems and encrypted backup servers.
The company spends more than $200 million annually on IT and employs more than 850 IT professionals globally.
JBS USA has maintained constant communications with government officials throughout the incident. Third-party forensic investigations are still ongoing, and no final determinations have been made. Preliminary investigation results confirm that no company, customer or employee data was compromised.
On May 31, Brazil-based JBS SA said that it was the victim of a ransomware attack,
Brazil-based JBS SA said on May 31 that it was the victim of a ransomware attack, but Wednesday was the first time the company’s U.S. division confirmed that it had paid the ransom.
On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack, affecting some of the servers supporting its North American and Australian IT systems.
The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation.
The FBI on June 2, issued a statement attributing the attack to that ransomware-as-a-service – aka RaaS – operation, which appears to be run from Russia.
“As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities,” the bureau says in its statement.
“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.” said in the FBI statement.