Cybersecurity

JBS paid $11 million to hackers to resolve ransomware attack

Major meat producer JBS USA said it paid the equivalent of $11 million to hackers to resolve a ransomware attack that forced the company to shut down its beef plants.

The company said in a statement on Wednesday that it made the decision to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”

Andre Nogueira, CEO of JBS USA, told The Wall Street Journal that the company paid the ransom in bitcoin. 

“This was a very difficult decision to make for our company and for me personally,” Nogueira said in the company’s statement. “However, we felt this decision had to be made to prevent any potential risk for our customers.” 

The statement comes a week after JBS was forced to temporarily halt production at its plants following the cyberattack that affected servers in both North America and Australia.

The FBI has attributed the attack to REvil and Sodinokibi, which have been described by experts as different names for the same Russia-linked group.

Days after production was halted, JBS said that its facilities were operating normally

JBS said its ability to resolve the issues resulting from the attack was “due to its cybersecurity protocols, redundant systems and encrypted backup servers.” The company said it spends more than $200 million on IT annually and employs more than 850 IT professionals around the world. 

JBS maintained that no company, customer or employee data was compromised. 

The attack came after a similar ransomware attack forced Colonial Pipeline to halt production for several days, leading to panic buying and gas shortages across the East Coast. That hack was attributed to the DarkSide group. 

Colonial CEO Joseph Blount has confirmed that the company paid the equivalent of $4.4 million in bitcoin to end the hack. U.S. investigators said Monday that they were able to recapture “the majority of the ransom” that was paid.