- One of the world’s biggest meat processing firms has paid R150 million worth of bitcoin to hackers.
- The firm’s CEO called it a "difficult decision".
- It is the second major ransomware attack on a US firm in recent weeks — with around R245 billion paid in ransom to hackers last year.
JBS, one of the world’s biggest meat processors, has paid bitcoin worth $11 million (R150 million) in ransom to hackers to prevent any further disruption after a paralysing cyberattack believed to have originated in Russia.
This was the second multi-million-dollar payment to hackers in recent weeks, drawing attention to the broader threat posed by ransomware to essential infrastructure, services and businesses.
Hackers had targeted the computer systems of Brazil-based JBS last week, impacting operations in the United States, Australia and Canada. The company’s US subsidiary said Wednesday it had paid the equivalent of $11 million in ransom.
"This was a very difficult decision to make for our company and for me personally," said Andre Nogueira, CEO of JBS USA.
"However, we felt this decision had to be made to prevent any potential risk for our customers."
The company said it made the payment "to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated."
Nogueira told the Wall Street Journal that the ransom was paid in bitcoin.
The JBS hack was the second major ransomware attack on a major US entity in recent weeks.
A cyberattack in May forced the temporary shutdown of the huge Colonial fuel pipeline network in the eastern United States, and sparked panic buying in some states.
Colonial paid $4.4 million in ransom to regain control and restore operations.
The US Justice Department later recovered $2.3 million in bitcoin, tracking the ransom payment as it moved through multiple anonymous transfers and eventually seizing it from a cryptocurrency wallet.
The JBS and Colonial Pipeline attacks follow the 2020 hack of the SolarWinds software company.
Microsoft warned recently that the state-backed Russian group behind the SolarWinds attack had re-emerged with a series of attacks on government agencies, think tanks and other groups.
The White House has not blamed the Kremlin directly for the recent ransomware attacks, only suggesting that criminal groups are operating from inside Russia.
However, President Joe Biden’s press secretary Jen Psaki said "responsible states do not harbor" cybercriminals.
Cybersecurity experts say many independent ransomware extortionists appear to be located in Russia or former Soviet satellites in eastern Europe.
The attacks have grown so frequent that the issue has been elevated in seriousness in the Justice Department to the level of terror attacks.
Recent ransomware targets include local governments, hospitals, insurers, and even a ferry service in Massachusetts.
At least $18 billion (R245 billion) was paid to ransomware attackers last year, according to the security firm Emsisoft. It has found "tens of thousands" of victims so far in 2021.
The increasing threat of such cyberattacks has led to calls for tightening legislation, and even requiring private companies to report them.
"The number of companies that are getting hit on a regular basis with ransomware attacks and quietly paying in bitcoin or other cryptocurrencies, I think would shock most folks in business," Mark Warner, chairman of the US Senate’s Intelligence Committee, told CNBC last month after the Colonial hack.
Warner has called for legislation requiring companies to report any attacks to the government to ensure a robust response.