Last week, JBS USA — one of the largest meat processors in the world — was the target of an organized cybersecurity attack. Four days later, JBS announced that all of its global facilities were fully operational after resolution of the crime. However, the resolution did not come without a price tag.
In an effort to keep the cyberattack as confined as possible, JBS confirmed they paid the equivalent of $11 million in ransom in response to the criminal hack against its operations. According to the Wall Street Journal, the ransom was paid in bitcoin, similar to the Colonial Pipeline ransom request.
At the time of payment, the vast majority of the company’s facilities were operational. In consultation with internal IT professionals and third-party cybersecurity experts, JBS made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.
With their quick response, JBS and Pilgrim’s were able to limit the loss of food produced during the attack to less than one days’ worth of production. Any lost production across the company’s global business is expected to be fully recovered, which limited any potential negative impact on producers, consumers, and the company’s workforce.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
Last week, the FBI attributed the JBS attack to REvil — a Russian speaking ransomware gang — and are working diligently to bring the threat actors to justice. The FBI stated this is one of the most specialized and sophisticated cybercriminal groups in the world.
JBS USA has maintained constant communications with government officials throughout the incident. Third-party forensic investigations are still ongoing, and no final determinations have been made. Thankfully, preliminary investigation results confirm that no company, customer, or employee data was compromised.
Even though JBS spends $200 million annually on IT and employs more than 850 IT professionals globally, they were still a target for cybersecurity attack.