- JBS paid a ransom of $11 million in Bitcoin to get back on track.
- The REvil hacker group has demanded as much as $50 million from companies as prominent as Apple to recover their stolen data.
Last week, JBS S.A, the world’s largest meat company by sales was hit by a ransomware attack. Its system was shut down, mounting more pressure on the food supply chain which is already in danger of production constraint and transportation cost. An executive of the company assured that their plants would be operational on Wednesday as they had advanced efforts to restore the system.
According to news first reported by the Wall Street Journal and confirmed by the company, JBS paid a ransom of $11 million in Bitcoin to get back on track. This was done in consultation with third-party cybersecurity experts and internal IT professionals. The idea was to ensure that no data was exfiltrated and to avoid any unforeseen issue related to the attack according to the CEO of JBS USA, Andre Nogueira.
This was a very difficult decision to make for our company and me personally. However, we felt this decision had to be made to prevent any potential risk for our customers.
The company also disclosed that the majority of its facilities were already operational at the time of payment.
JBS is widely known for processing beef, pork, and poultry from Australia to South America and Europe. It remains the biggest beef processor and supplier of chicken and pork in the US. However, it would appear that it paid little attention to cybersecurity.
Some anonymous employees have said the company commissioned a cybersecurity audit between 2017 and 2018. It was then identified that there were weaknesses in the company’s infrastructure which could be exploited by attackers. They were, therefore, advised to purchase a special monitoring technology to detect any potential intrusion. However, the company said it was too expensive.
The wave of a ransomware attack on companies
The FBI has linked the attack to a Russian-based cybersecurity group identified as REvil. They are very sophisticated in their approach and have demanded as far as $50 million from companies as prominent as Apple to recover their stolen data.
The incident involving JBS is part of the wave of ransomware attacks on companies demanding millions of dollars in Bitcoin as payment. Last month, the Colonial Pipeline, an artery that transports gasoline to close to half of the East Coast was attacked by DarkSide, a hacker group that started as an affiliate of REvil. The US Justice Department has disclosed that investigators have tracked and recovered $2.3 million from the $4.3 million in Bitcoin paid as ransom.
According to Lisa Monaco, the US deputy attorney-general, they will waste no effort when a ransomware attack is launched on key infrastructure.
Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort in our response. Following the money remains one of the most basic, yet powerful tools we have.