America’s largest beef supplier JBS paid an $11 million ransom in Bitcoin to the hackers who shut down its plants in the United States, it has been revealed.
Andre Nogueira, the CEO for the Brazilian company’s United States division, told The Wall Street Journal in an interview that the payment was made after most JBS plants were already up and running again as ‘insurance to protect our customers.’
He added: ‘It was very painful to pay the criminals, but we did the right thing for our customers.’
Nogueira said JBS learned of the attack early on May 30 after discovering ‘irregularities’ on its servers, and a ransom note.
The firm immediately started working to shut down its computer servers – suspending meat production systems at its U.S. plants – before the plants were operational again four days later.
JBS also released a press release detailing the payment, noting that it ‘made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.’
‘This was a very difficult decision to make for our company and for me personally. However, we felt this decision had to be made to prevent any potential risk for our customers,’ Nogueira said in the press release.
America’s largest beef supplier JBS paid an $11 million ransom in bitcoin to the hackers who shut down its plants in the United States
Andre Nogueira, the CEO for the Brazilian company’s United States division, said JBS learned of the attack early on May 30
The bitcoin payment was made after most JBS plants were already up and running again
JBS also released a press release detailing the payment, noting that it ‘made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated’
According to the Wall Street Journal, JBS is the largest meat company in the world by sales and is the biggest beef processor and a top supplier of chicken and pork in the United States.
Pilgrim’s Pride, a subsidiary of JBS that processes poultry, was also hit in the ransomware attack, according to the outlet.
FBI officials said last week that it believed REvil, a cyber criminal group based in Russia, was behind the attack.
Last month, the major gasoline transporter Colonial Pipeline also suffered a ransomware attack and paid about $4.4 million in bitcoin to the hacking group DarkSide, which started as an affiliate of REvil, The New York Times reported.
The Justice Department on Monday recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline, Reuters reported.
Regarding its own hack, JBS wrote: ‘The FBI stated this is one of the most specialized and sophisticated cybercriminal groups in the world.’
The meat supplier claimed that it was able ‘to quickly resolve the issues’ because of the company’s cybersecurity protocols, redundant systems and encrypted backup servers. JBS spends more than $200 million annually on information technology and employs more than 850 IT professionals globally, according to the release.
‘JBS USA has maintained constant communications with government officials throughout the incident. Third-party forensic investigations are still ongoing, and no final determinations have been made,’ the press release reads.
The company noted that preliminary investigation results confirm that no company, customer or employee data was compromised.
Nogueira told the Wall Street Journal that the company found the note demanding a ransom soon after discovering that its systems had it been hacked on May 30.
He was notified of the hack at 5 a.m. by a call from his chief financial officer while he was traveling, Nogueira said, and the company quickly alerted the FBI.
The company made ‘good progress’ in restoring operations but cybersecurity consultants and JBS’ internal IT department noted there was no guarantee that the hackers wouldn’t strike again while negotiations with REvil continued.
Nogueira noted the company ultimately decided to pay the ransom, saying: ‘We didn’t think we could take this type of risk that something could go wrong in our recovery process.’
Cyber security experts have warned the recent attacks targeting JBS and the Colonial Pipeline are a taste of things to come, amid fears hackers could target key infrastructure and further escalate tensions between the US and Russia.