Meat Producer JBS Paid $11M in Bitcoin to Ransomware Attackers to Protect Customers

Major meat producer JBS has disclosed that it paid about $11 million to ransomware attackers to avoid further disruption to its business.

JBS Attacked By Russian Group REvil

The company was hacked in May and was forced to shut down some of its operations in Australia, Canada, and the US. The attack was attributed to a Russian-linked ransomware group known as REvil. According to The Wall Street Journal, the payment was made to REvil, who left no trace of how they managed to infiltrate the company's computer networks. JBS revealed in a statement that the forensic analysis conducted by the firm showed that no supplier, customer, or employee data was compromised in the attack. It said that it only chose to pay to keep its files safe. "At the time of payment, the vast majority of the company's facilities were operational," the company said in an emailed statement, adding that it "made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated." CEO Andre Nogueira, also affirmed the firm's decision to pay, saying that it was necessary to prevent any potential risk to their customers. However, JBS ransom payment goes against the US government's advice stating that ransomware victims should not pay their attackers.

Ransomware Attacks Getting Worse In The US

Ransomware attacks have dramatically increased across the US in the past two years. According to a report by Check Point Research, ransomware attacks more than doubled this year compared with the beginning of 2020. Last month, Colonial Pipeline was hacked by a Russian hacker group called DarkSide and reportedly paid $4.4 million in ransom. The company was forced to shut down which created fuel shortages in the Southeastern states. Another ransomware attack happened later in the same month against CNA Financial. CNA, one of the country's largest insurance companies, reportedly paid $40 million in Bitcoin to restore access to its network. The US Justice Department, which has been investigating the ransomware attacks alongside the FBI, recently revealed that it had recovered part of the ransom paid by Colonial. Colonial Pipeline does not regret paying the ransom despite the US authorities' stance on it. US Representative Carolyn Maloney previously said that paying ransom sets a dangerous precedent that should not be encouraged. In his first congressional hearing since the attack, CEO of Colonial Joseph Blout told the Senate Homeland Security and Governmental Affairs Committee that paying the ransom was the right thing to do. Meanwhile, the Joe Biden Administration continues to sound the alarm about the problem, which has become a national security issue causing tensions between the US and Russia. President Joe Biden plans to meet with Russian President Vladimir Putin next week to discuss hacking attacks, according to White House Press Secretary Jen Psaki. The ransomware topic is also a priority for discussion in the upcoming Group of 7 (G7) summit scheduled to be held in Europe.