JBS, the world’s biggest meat processing company, said it paid the equivalent of $11 million in ransom after its company was hacked by cyber thieves in order to prevent disruptions, the company said in a blog post.
When the ransom payment was paid, most of the company’s facilities were operational, according to the company. After consulting with internal IT specialists and third-party cybersecurity experts, JBS decided to pay the fraudsters in order to stave off potential problems relating to the attack.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The attack on JBS was orchestrated by one of the most specialized and sophisticated cybercriminal groups in the world, the FBI stated, per the blog post. JBS quickly resolved issues resulting from the attack by leveraging cybersecurity protocols already in place. The company said that it spends over $200 million each year on IT and employs more than 850 IT professionals worldwide.
The hack was first detected on May 30, prompting JBS to suspend all systems and bring in the necessary authorities and experts. JBS also said it collaborated with government officials when it first discovered the infiltration and that forensic investigations are ongoing. There was no evidence that any data was compromised, per the post.
As of early June, the FBI was already investigating some 100 types of ransomware, with FBI Director Christopher Wray stating that many attacks started in Russia and are similar to the 9/11 attacks. The cyberattacks on JBS and fuel supplier Colonial Pipeline are considered a national security threat, U.S. President Joe Biden said. The government recovered about $2 million from the ransomware attack on Colonial Pipeline, which took place on May 6.