By: Denise Simon | Founders Code
Reuters: JBS USA, subsidiary of Brazilian firm JBS SA (JBSS3.SA), confirmed in a statement on Wednesday the company paid the equivalent of $11 million in ransom in response to a criminal hack against its operations.
The world’s largest meat producer canceled shifts at its U.S. and Canadian meat plants last week after JBS said it was hit with a crippling cyberattack that threatened to disrupt food supply chains and inflate food prices.
“This was a very difficult decision to make for our company and for me personally,” JBS USA CEO Andre Nogueira said in a statement. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The company said it paid the ransom to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”
According to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, ransomware is a type of malware that shuts down a company’s computer infrastructure with hackers demanding payment to unlock the system.
Earlier this month, the FBI attributed the infiltration to Russia-based hackers.
JBS said it was in constant contact with federal officials, and while investigations are ongoing, “preliminary investigation results confirm that no company, customer or employee data was compromised.”
The company said it spends $200 million annually on IT services.
JBS is not the first company to recently pay ransom to cybercriminals based in Russia. JBS said its ability to resolve the issues resulting from the attack was “due to its cybersecurity protocols, redundant systems, and encrypted backup servers.” Additionally, the company employs more than 850 IT professionals around the world. JBS maintained that no company, customer, or employee data was compromised.
It also halted slaughter operations across Australia and idled one of Canada’s largest beef plants. The FBI has attributed the incident to REvil, a hacking group that researchers say has links to Russia.
The global shutdowns upended agricultural markets and raised concerns about food security as hackers increasingly target critical infrastructure. Operations have returned to normal levels and the company expected lost production to be fully recovered by the end of this week.
In its latest statement, JBS said the vast majority of the company’s facilities were operational at the time of payment. It had made the decision to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated” in consultation with internal IT professionals and third-party cybersecurity experts.
JBS added it has maintained constant communications with government officials throughout the incident, and that third-party forensic investigations are still ongoing.
Dow Jones had earlier reported the ransom payment.
