JBS, the world’s biggest meat producer, has paid US$11m (£7.8m) in cybercrime ransom, making it the latest high-profile organisation to fall victim to a cyber attack.
After having parts of its operations shut down by hackers last week, including abattoirs in the US, Canada and Australia, the Brazilian-headquartered company had no option but to pay the money to the criminals — in bitcoins. JBS’s CEO Andre Nogueira said this was a “very difficult decision to make”, but that they “had to prevent any potential risk for customers”, mainly restaurants, farmers and supermarkets that depend on the company, which supplies more than a fifth of all the beef in America, according to market estimates.
The attack on the meat producer is part of a new wave of ransomware attacks in which hackers block the target company’s access to the infected system. Nogueira claims to have first heard about the attack on May 30th, when members of his IT team, which costs JBS US$200m (£141m) a year, noticed the first irregularities with their operational system, followed by a message demanding payment. The United Food and Commercial Workers’ Union, which represents JBS plant employees, has urged the company to ensure workers still receive their pay.
The FBI described the cybercriminal group responsible for the attack as “one of the most specialised and sophisticated” in the world. White House officials said last week that the criminal organisation was probably based in Russia, while Bloomberg named the group as “REvil”, also known as “Sodinokibi”. The group has already claimed to have stolen blueprints for Apple’s most recent products during the hacking of a Taiwanese hardware company that supplies the iPhone maker this year.
Nogueira has affirmed that the company is confident none of their clients, suppliers or employees have had private data stolen or compromised, stating “we didn’t think we were subject to such risk. The money we had to pay was a ‘premium’ to protect our clients.”
The ransomware attack against JBS is the latest to temporarily devastate operations at a US company. Last month, for example, an attack on Colonial Pipeline, the country’s largest fuel pipeline, disrupted fuel deliveries in South-East US for several days. The company also had to pay a ransom of $4.4m (£3.1m), although a specialist ransomware taskforce created by the Biden administration was able to successfully recover most of the payment, which was also made in cryptocurrency.
Considering these recent events, companies should be cautious because, according to the former director of the US Cybersecurity and Infrastructure Security Agency Christopher Krebs, “everyone is in play”. Companies should not only be aware that they are more vulnerable than ever to international hackers but should also take all the necessary steps to protect themselves. After all, as Nogueira said, with competition always growing between companies in a globalised world, data security is key, but client protection is going to be even more vital to their success going forward.