Meat company JBS Foods confirms it paid US$11M ransom in cyberattack

Click to play video: 'How hackers can exploit vulnerabilities in Canadian companies'
How hackers can exploit vulnerabilities in Canadian companies
Large ransomware attacks have been on the rise over the last several years, targeting businesses as well as key infrastructure systems to make a profit. Mike Le Couteur looks at how Canadian companies that have fallen victim and why hackers should not be underestimated – May 10, 2021

The world’s largest meat processing company says it paid the equivalent of US$11 million (about $13.3 million CAD) to hackers who broke into its computer system late last month.

Brazil-based JBS SA said on May 31 that it was the victim of a ransomware attack, but Wednesday was the first time the company’s U.S. division confirmed that it had paid the ransom.

“This was a very difficult decision to make for our company and for me personally,'” said Andre Nogueira, the CEO of JBS USA.

“However, we felt this decision had to be made to prevent any potential risk for our customers.”

JBS said the vast majority of its facilities were operational at the time it made the payment, but it decided to pay in order to avoid any unforeseen issues and ensure no data was exfiltrated.

Story continues below advertisement

The FBI has attributed the attack to REvil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months.

Ransomware is a type of cyber-attack that infects your device, holding your information hostage until you pay a fee. Cybersecurity experts say a common way for hackers to penetrate security is to trick employees through emails or texts that allow disruptive software into corporate systems.

The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.

The attack targeted servers supporting JBS’s operations in North America and Australia. Production was disrupted for several days, including at the JBS Canada beef processing plant in Brooks, Alta., which employs more than 2,800 people.

Earlier this week, the U.S. Justice Department announced it had recovered most of a multimillion-dollar ransom payment made by Colonial Pipeline, the operator of that nation’s largest fuel pipeline.

Colonial paid a ransom of 75 bitcoin — then valued at $4.4 million American — in early May to a Russia-based hacker group.

Story continues below advertisement
Click to play video: 'U.S. recovers ‘majority’ of cryptocurrency paid in Colonial Pipeline ransomware attack'
U.S. recovers ‘majority’ of cryptocurrency paid in Colonial Pipeline ransomware attack

The operation to seize cryptocurrency reflected a rare victory in the fight against ransomware as U.S. officials scramble to confront a rapidly accelerating threat targeting critical industries around the world.

It wasn’t immediately clear if JBS also paid its ransom in bitcoin.

JBS said it spends more than $200 million annually on IT and employs more than 850 IT professionals globally.

The company said forensic investigations are still ongoing, but it doesn’t believe any company, customer or employee data was compromised.

Sponsored content