Major meat producer JBS, which was forced to partially suspend operations in late May because of a cyberattack, paid criminals an $11 million ransom in bitcoin, the meat company’s U.S. head of operations, Andre Nogueira, told The Wall Street Journal.
“Paying criminals is very unpleasant, but we did the right thing for our customers,” Nogueira said.
The company head said the concession had to be made to protect itself from further problems and to avoid a negative impact on businesses that depend on JBS supplies. The company paid the money after most of the slaughterhouses were back in operation.
JBS, according to Nogueira, became aware of the attack when technicians discovered problems with some of its servers. A ransom message was soon found: in exchange for money, the extortionists promised to return access to the company’s systems. JBS immediately reported the attack to the Federal Bureau of Investigation (FBI), and IT began shutting down the company’s systems to get ahead of the perpetrators. Cybersecurity specialists and consultants were involved in the negotiations. The company is still analyzing its IT systems, and it is not yet clear exactly how the attackers were able to access them.
JBS suffered a cyberattack on May 30, which halted abattoirs in several countries. Meat supply chains were at risk. The FBI claims REvil and Sodinokibi services were behind the attack.
In early May, Colonial Pipeline, the largest U.S. fuel pipeline operator, also had to pay a ransom after a cyber ransomware attack. The ransom was $4.4 million. The country’s authorities managed to recover some of the money, and the FBI took over the operation to trace the payment.