Advertisement

JBS says it paid $11 million following ransomware attack

Major meet producer JBS USA on Wednesday confirmed it paid an $11 ransom following a cyberattack that shuttered its facilities in the United States and Australia. Photo by SrA Braydon Williams/U.S. Air Force/UPI
Major meet producer JBS USA on Wednesday confirmed it paid an $11 ransom following a cyberattack that shuttered its facilities in the United States and Australia. Photo by SrA Braydon Williams/U.S. Air Force/UPI | License Photo

June 9 (UPI) -- Major meat producer JBS said Wednesday it paid an $11 million ransom in response to a Russian cyberattack that early this month shuttered its meat processing plants in the United States and Australia.

The company confirmed it had paid the ransom in a statement, stating the payment was made at a time with the vast majority of its facilities were operational in order to mitigate any future issues.

Advertisement

"This was a very difficult decision to make for our company and for me personally," said Andre Nogueira, the chief operating officer of JBS USA. "However, we felt this decision had to be made to prevent any potential risk for our customers."

The Wall Street Journal was the first to report on the ransom payment.

RELATED GAO urges DOD to update weapon programs cost oversight

JBS announced June 1 that it shuttered processing facilities in the United States and Australia in response to a ransomware attack a day earlier that affected servers to its IT systems in both countries. Pilgrim's Pride, one of the world's largest poultry producers and a JBS subsidiary, also said it was impacted by the attack.

Two days later, the company announced its global facilities were "fully operational."

The United States government has blamed the attack on Russian cybercriminal organization REvil, which also goes by the name Sodinokibi.

RELATED NYC's transit authority says it was breached by Chinese hacking group

Cybersecurity experts have said that the Russian group is one of the most sophisticated in its ransomware attacks, which the U.S. Cybersecurity and Infrastructure Security Agency under the Department of Homeland Security defines as a type of malicious activity designed to encrypt files on a device to render it unusable. Once the attack is downloaded, the cybercriminals demand a ransom for decryption.

The ransom payment is the second made in recent weeks by a U.S. company to Russian hackers.

Colonial Pipeline, which provides 45% of the East Coast's fuel supply, paid $4.4 million in ransom after Russian cybercriminal organization DarkSide targeted it with a ransomware attack early last month, forcing the company to shut down its services.

RELATED Cyber Command chief stresses need for U.S. to stay ahead in cybersecurity

The attacks are among several high-profile cybersecurity breaches targeting the United States from Russia that have occurred in the first few months of the Joe Biden presidency, some of which have been tied to state actors.

Biden is currently in Europe where the issue is expected to be a central topic of conversation between him and Russian President Vladimir Putin when they summit next week.

Before U.S. and British troops during the first leg of his trip on Wednesday, Biden said he wants a stable, predictable relationship with Russia.

"But I've been clear: The United States will respond in a robust and meaningful way when the Russian government engages in harmful activities," he said. "We've already demonstrated that."

In April, the Biden administration sanctioned 16 entities and 16 people over the Russian interference in the 2020 presidential election and cyberattacks.

In May, he issued an executive order to beef up the nation's digital infrastructure security.

Latest Headlines