JBS, the world’s biggest meat processor, has paid an $11m (£7.8m) ransom after a cyber-attack shut down operations, including abattoirs in the US, Australia and Canada.
While most of its operations have been restored, the Brazilian-headquartered company said it hoped the payment would head off any further complications including data theft.
JBS, which supplies more than a fifth of all beef in the US, reportedly made the payment in bitcoin.
“This was a very difficult decision to make for our company and for me personally,” said JBS’s chief executive, Andre Nogueira. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The meat producer was forced to stop all cattle slaughtering at its US plants for a day last week, in a move that threatened to disrupt food supply chains and lead to further food price inflation in the US, where labour shortages, high demand and Covid-related disruptions are taking their toll.
The hack also disrupted the company’s operations in other countries, including Australia, although less severely.
JBS, which spends more than $200m (£141m) on IT and employs more than 850 tech specialists, said the FBI described the cybercriminal group that carried out the attack as “one of the most specialised and sophisticated” in the world. White House officials said last week the criminal organisation responsible was probably based in Russia.
Bloomberg has named the group involved as REvil – also known as Sodinokibi – a cybergang with Russian links. This year the group claimed to have stolen blueprints for Apple’s latest products during the hacking of a Taiwanese hardware company that supplies the iPhone maker. REvil boasts about its exploits on a dark-web blog called Happy Blog.
However, no organisation has as yet claimed responsibility for the JBS attack.
The ransomware attack against the meat producer is the latest to temporarily devastate operations at a US company. Last month, an attack on Colonial Pipeline, the country’s largest fuel pipeline, disrupted fuel deliveries in south-east US for several days.
Colonial Pipeline also paid a ransom of $4.4m, but a specialised ransomeware taskforce created by the Biden administration has since recovered most of the cryptocurrency payment.
The former director of the US Cybersecurity and Infrastructure Security Agency, Christopher Krebs, has warned that “everyone is in play” and vulnerable to international hacking gangs, with US local government systems among the other organisations subjected to recent attacks.
JBS said a third-party investigation was ongoing but a preliminary investigation had confirmed that none of its company, customer or employee data was compromised as part of the attack.
