The Washington Post
Meat supplier JBS paid $11 million in ransom after hackers targeted plants
JBS, the world’s largest meat supplier, confirmed Wednesday that it paid the equivalent of $11 million in ransom to hackers who targeted and temporarily crippled its business.
The company confirmed making the payment in a statement Wednesday, saying it did so after most of its plants started operating again last week. The company consulted with its own tech workers and external cybersecurity experts, it said, and decided to pay to make sure no data was stolen.
“This was a very difficult decision to make for our company and for me personally,” JBS USA CEO Andre Nogueira said in a statement.
JBS was hit by a ransomware attack last week that temporarily halted operations at its nine beef processing plants in the United States and caused disruptions at other facilities. The FBI attributed the attack to a Russian-linked ransomware group known as both Revil and Sodinokibi.
The payment was first reported by the Wall Street Journal. JBS got many of its plants operating again by the end of last week, but Nogueira said it decided to make the payment to “prevent any potential risk” for customers.
Ransomware attacks have dramatically increased across the country in the past two years, and have recently hit high-profile targets including JBS and Colonial Pipeline.
The latter caused long lines and shortages at gas pumps on the East Coast and sent government regulators scrambling to address cybersecurity in public and private realms.
Colonial paid about $4.3 million in bitcoin to cybercriminals as a result of its ransomware attack, though federal authorities said this week that they had recovered more than $2 million.
Victims of ransomware attacks paid at least $412 million in ransom last year, according to Chainalysis, which noted that the actual amount is probably higher because many victims do not report the payments. The attacks have affected an array of business acboth tivities and individuals.
Ransomware attacks are generally relatively unsophisticated. Hackers often use phishing and send employees emails containing suspicious links or attachments. If someone clicks, hackers can gain access to companies’ systems and make their way into valuable databases.
Once inside, cybercriminals will lock down key computer systems and demand a ransom to return control to the company. Increasingly, hackers will also demand a payment to stop them from stealing and leaking private company data online.
Hackers regularly demand that the payment be made in bitcoin or other forms of cryptocurrency, which can be harder to trace and subject to fewer regulations than traditional currencies. JBS made its payment in bitcoin, according to the Journal.
JBS said Wednesday that it spends more than $200 million annually on information technology and employs more than 850 IT workers worldwide.