The world’s largest meat supplier, JBS USA Holdings Inc. paid an $11 million ransom in a response to a cyberattack that temporarily knocked out plants that process approximately one-fifth of the US’s meat supply, according to the company’s chief executive, Andre Nogueira. The ransom was paid after most of the company’s facilities had come back online, JBS stated. The payment of the ransom was made in bitcoin, to safeguard JBS meat plants from additional disruption and to reduce the potential damage it could cause on grocery stores, restaurants and farmers that depend on JBS, stated Nogueira. The cyberattack affected servers supporting JBS’s IT system in Australia, Canada and the US. The federal government of the US has accused the ransomware attack to REvil, a criminal organisation considered to be based in Russia or Eastern Europe.
According to Mr Nogueira, JBS got to know about the attack first on Sunday, May 30, when a technology staff member discerned inconsistencies with the working of some servers. Shortly they found a message demanding a ransom to reclaim access to the company’s system.
JBS immediately informed the Federal Bureau of Investigation and the company’s technology team commenced shutting down the meat supplier’s operations to slow the attacker’s progress, said Nogueira.
Only a few weeks before the attack on JBS another high-profile ransomware attack targeted the Colonial Pipeline and resulted in the company temporarily closing down its services in the Southeastern US. Information that the distribution of gas had stopped led to people panic-buying gasoline, up and down the East coast. The company later stated that it had immediately informed the FBI and other essential authorities about the ransom demand.
Colonial Pipelines paid a ransom of $4.4 million. Also, the law enforcement declared this week that its new Ransomware and Digital Extortion Task Force had regained more than half of the payment given by Colonial Pipeline.