11 Jun 21 World’s largest meat supplier JBS suffers cyber attack
Brazilian meat giant JBS has paid $11m in ransom to end a cyber attack that saw its operations hacked and disrupted by “one of the most specialized and sophisticated cybercriminal groups in the world.”
The ransom was paid to shield the world’s largest meat processing company from further attacks.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
JBS, headquartered in São Paulo, fell victim to hackers earlier this month.
Operations were temporarily disrupted and some of its beef, pork and poultry facilities in Australia, Canada and the US were unoperational for the short term. JBS, which produced around one-fifth of the meat supply in the US, was also forced to stop cattle slaughtering at all of its US facilities for one day.
The hack initially caused concern over meat availability and potential price pressure.
However, now JBS has said that it was necessary to pay the ransom money to protect customers and that the sophistication of the attack was very concerning.
Paying cyber criminals in Bitcoin
During ransomware attacks like this, hackers threaten to delete files unless a ransom is paid in cryptocurrency. The ransom is believed to have been transferred using Bitcoin.
“At the time of payment, the vast majority of the company’s facilities were operational. In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” the JBS statement continued.
“JBS USA’s ability to quickly resolve the issues resulting from the attack was due to its cybersecurity protocols, redundant systems and encrypted backup servers. The company spends more than $200m annually on IT and employs more than 850 IT professionals globally,” it said.
The White House has also weighed in on the JBS incident, saying that it believed the ransomware attack is linked to a criminal organisation that is “likely based in Russia.”
This attack on JBS is the latest in a string of similar hacks focusing on essential service providers, using ransomware where companies are held to ransom for hefty payments to regain control of their operations.