JBS USA Holdings Inc. paid a ransom of $ 11 million to cybercriminals who temporarily killed plants that handle about a fifth of the country’s meat supply last week, the company’s chief executive said.
The bitcoin ransom payment was made to protect JBS’s meat processing plant from further disruption and limit the potential impact on JBS-based restaurants, grocery stores and farmers, said Andre Nogueira, CEO of Brazilian meat company JBS SA
“It was very painful to pay criminals, but we did the right thing for our customers,” Mr Nogueira told The Wall Street Journal on Wednesday. He added that the payment was made after most of JBS̵
JBS is the world’s largest meat company for sales, processing of beef, poultry and pork from Australia to South America and Europe. In the United States, the company is the largest beef processor and a leading supplier of chicken and pork. His subsidiary Pilgrim’s Pride Corp.
, also affected by the attack, is the second largest poultry producer in the United States after Tyson Foods Inc.
The attack on JBS was part of a wave of ransomware raids in which companies have been hit by multimillion-dollar payment claims to regain control of operating systems. The pipeline operator delivering gasoline to parts of the East Coast in May paid about $ 4.4 million to regain control of operations and restore the service. The attacks show how hackers have shifted from targeting data-rich companies such as retailers, banks and insurers to basic service providers such as hospitals, transport operators and food companies.
Mr Nogueira said JBS learned of the attack early Sunday, May 30, when members of the technology staff noticed malfunctions in some servers. They soon found a ransom message to restore access to the company’s system. Mr Nogueira, who was traveling, said he was awakened at around 5am by a phone call from his CFO, who informed him of the intrusion.
JBS immediately alerted the Federal Bureau of Investigation, Mr Nogueira said, and the company’s technology team began shutting down the meat supplier’s systems to slow the progress of the attack. JBS called on technology vendors who had previously worked with the company, as well as cybersecurity experts and consultants, who had begun negotiations with the attackers.
Last week, the FBI attributed the JBS attack to REvil, a criminal gang for ransomware. Mr Nogueira said JBS and outside companies were conducting forensic analyzes of their IT systems and that it was not yet clear how hackers had access to JBS’s systems.
JBS maintains secondary backups of all its data, which is encrypted, Mr Nogueira said. The company returned operations to its plants using these backup systems, he said. While the company is making good progress, he added, JBS technology experts have warned the company that there is no guarantee that hackers will not find another way to strike, and JBS consultants continue to negotiate with the attackers. Mr Nogueira said the company was confident that the attack did not compromise customer, supplier or employee data based on its forensic analysis.
“We didn’t think we could take that kind of risk that something could go wrong in the recovery process,” Mr Nogueira said of the decision to pay the attackers. “It was insurance to protect our customers.”
He said JBS external advisers had agreed on the amount of payment with the attackers and that the company had informed federal law enforcement throughout the process. Mr Nogueira declined to say when JBS made the payment or to identify the cybersecurity experts.
Write to Jacob Bunge at email@example.com
Copyright © 2020 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8
It appeared in print on June 10, 2021, as “JBS paid $ 11 million in bitcoin for ransom.”