The world’s largest meat processing company claims to have paid Russian-speaking hackers millions in bitcoin to put an end to a major cyber attack. The company admits to having decided after consulting with internal IT professionals as well as cybersecurity experts.
“This was a very difficult decision to make for our company and for me personally. However, we felt this decision had to be made to prevent any potential risk for our customers,” Andre Nogueira, CEO of JBS USA, is quoted in a company statement.
The company says that according to the FBI, JBS has fallen victim to ‘specialized and sophisticated cybercriminal groups in the world.’ The statement also claims that the company spends over $200 million on IT annually, contributing to restoring operations quickly.
This was a very difficult decision to make for our company and for me personally,
Constant communications with government officials were ongoing throughout the incident, and third-party investigations are still ongoing with no final conclusions made, according to the company’s representatives.
“Preliminary investigation results confirm that no company, customer, or employee data was compromised,” says the statement of the company.
The subsidiary of Brazilian firm JBS SA stopped operations in the US slaughtering plants for a day after the attack, threatening to disrupt North American food supply chains and increase the price of food.
Reuters claims that sources familiar with the matter say that the JBS hack was carried out by the Russia-linked cyber gang REvil, also going by the name Sodinokibi.
This April, CyberNews published a research where one of our team members tried to infiltrate the very same gang revealing the payout structure, cash-out schemes, and target acquisition strategies.
The ransomware group advertised online, claiming the successful candidate would get up to 80% of any paid ransom. Criminals could prove they have $1 million worth of bitcoin in one of their digital wallets.
The JBS cyber attack followed another major hack where a group with ties to Russia disrupted Colonial Pipeline, the largest fuel pipeline in the United States, which affected the fuel delivery system in the US Southwest.
A few days later, the US Federal Bureau of Investigation confirmed that the Darkside ransomware gang attacked the critical infrastructure operator. Colonial Pipeline has also paid the ransom of $4.4 million. However, the Justice Department claims it has recovered $2.3 million.
More from CyberNews:
Subscribe to our newsletter