The world’s largest meat processing company said on Wednesday that it paid a ransom of $11 million to cybercriminals after it was forced to halt cattle slaughter at 13 of its meat processing plants. JBS confirmed the payment in a statement following a cyber attack attributed to the Russian-language ransomware gang “REvil.”
The company eventually paid a ransom in Bitcoin cryptocurrency to prevent further disruption of the meat plants and reduce potential damage to the food supply – including restaurants, grocery stores and farmers dependent on JBS production.
“This was a very difficult decision to make for our company and for me personally,”
The company said in its statement that “the vast majority of the company’s facilities were operational” at the time of payment. The decision was made in consultation with internal IT professionals and third-party cyber security experts in an attempt to ensure that no data was exfiltrated by cybercriminals.
In a statement last week, the Federal Bureau of Investigation (FBI) identified the threat actors as the group known as “REvil” or “Sodinokibi.”
“As the leading federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s top priorities,” the agency said. “We continue to focus our efforts on imposing risks and consequences and holding cyber actors accountable.”
JBS first became aware of the cyber attack on the Sunday of Memorial Day weekend.
National Security Adviser Jake Sullivan on Wednesday told reporters aboard Air Force One that President Biden would “100%” bring up cyber attacks at his forthcoming meeting with Russian President Vladimir Putin. “All ransomware attacks are crimes,” Sullivan added. “They must be prosecuted to the fullest extent of the law, and any responsible nation should act against criminals.”
Mr. Biden is scheduled to speak with Putin on June 16 in Geneva, Switzerland, as part of his first overseas trip as president.
U.S. Attorney General Merrick Garland warned Wednesday that ransomware attacks “are getting worse and worse,” reiterating concerns from White House officials who have arranged emergency meetings to brainstorm responses to the national security threat.
“We have to do everything we possibly can,” Garland told lawmakers during a Senate hearing on the Justice Department’s 2022 budget. “This is a very, very serious threat.”
Last month, cybercriminals targeted the computer networks of Colonial Pipeline, America’s largest fuel pipeline operator, responsible for delivering 45% of fuel along the East Coast. The ransomware attack triggered panic buying, causing fuel shortages in a handful of states in the Southeast. Colonial later admitted that it paid $4.4 million to Russia-based criminal actors known as “DarkSide” to regain access to its computer network. On Monday, the Justice Department revealed that it had recovered most of the Bitcoin ransom, worth $2.3 million.
For years, companies have struggled with easy-to-use ransomware attacks. Criminal actors often use unsophisticated methods, such as phishing, to send employees emails with questionable links. With a single click, an unwitting employee can compromise company security, allowing cybercriminals to lock down computer networks and demand a ransom to unlock them.
Cybercrime gangs have increasingly sold their services or hacking software to the highest bidder through a business model called “ransomware-as-a-service” – known as RaaS. Hackers routinely ask for payment to be made in cryptocurrency, which is harder to track than fiat currency and subject to fewer rules.