The world’s largest meat processing company said on Wednesday it had paid cybercriminals an $ 11 million ransom after beingcattle slaughter operations at 13 of its meat processing plants. JBS confirmed the payment in a statement following a cyberattack attributed to the Russian-speaking ransomware gang “REvil”.
The company eventually paid the ransom in Bitcoin cryptocurrency to prevent further disruption to meat factories, mitigating potential damage to the food supply – including restaurants, grocery stores, and farmers who depend on JBS production.
“It was a very difficult decision for our company and for me personally,” said Andre Nogueira, CEO of JBS USA, in a statement. “However, we felt that this decision should be taken to avoid any potential risk to our customers.”
The company said in its statement that “the vast majority of the company’s facilities were operational” at the time of payment. The decision was made in consultation with internal IT professionals and third-party cybersecurity experts, with the goal of ensuring that no data is exfiltrated by cybercriminals.
In a statement released last week, the Federal Bureau of Investigation (FBI) identified threat actors known as “REvil” or “Sodinokibi”.
“As the leading federal investigative agency fighting cyber threats, tackling cybercrime is one of the FBI’s highest priorities,” the agency said. “We continue to focus our efforts on imposing risks and consequences and on empowering responsible cyber actors.”
JBS first learned of the cyberattack on Sunday Memorial Day weekend.
National Security Advisor Jake Sullivan told reporters aboard Air Force One on Wednesday that President Biden would discuss cyber attacks “100%” at his next meeting with Russian President Vladimir Putin. “All ransomware attacks are crimes,” added Sullivan. “They should be prosecuted with all the rigor of the law and every responsible nation should take action against the criminals.”
Mr Biden is due to meet with Putin on June 16 in Geneva, Switzerland, and as part of his first trip abroad as president.
United States Attorney General Merrick Garland on Wednesday warned that ransomware attacks were “getting worse and worse,” echoing concerns from White House officials who orchestrated emergency meetings to reflect on the issues. responses to the threat to national security.
“We have to do all we can here,” Garland told lawmakers during a Senate hearing on the Justice Department’s 2022 tax budget. “It’s a very, very serious threat.”
Last month, cybercriminals targeted the computer networks of Colonial Pipeline, the largest fuel pipeline operator in the United States, responsible for delivering 45% of the fuel along the east coast. The ransomware attack sparked panic buying, causing fuel shortages in a handful of states in the Southeast. Colonial later admitted to paying $ 4.4 million to Russian-based criminal actors known as “DarkSide” to regain access to its computer network. On Monday, the Justice Department revealed it hadthe bulk of the Bitcoin ransom, valued at $ 2.3 million.
For years, businesses have struggled with easy-to-use ransomware attacks. Criminal actors often use unsophisticated methods, such as phishing, to send employees emails containing questionable links. With one click, unaware employees can lose company security, allowing cybercriminals to lock down computer networks in exchange for ransom.
Cybercriminal gangs are increasingly selling their services or pirating software to the highest bidder through a business model called “ransomware-as-a-service” – known as RaaS. Hackers regularly request that payment be made in cryptocurrency, which is harder to track than fiat money and subject to fewer regulations.