FBI Named REvil Responsible for JBS Attack

FBI Named REvil Responsible for JBS Attack

In a short statement on Wednesday, the FBI has named the REvil (Sodinokibi) hacker group as the ransomware operation responsible for the JBS attack. The agency said it is working to bring the perpetrators to justice.

“As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities. We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice,” the agency said.

The FBI promised it would continue its work with private sector partners that helps it prevent future attacks:

“We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries.”

The agency encouraged anyone who has been the victim of a cyber attack to immediately report it the FBI:

“A cyber attack on one is an attack on us all. We encourage any entity that is the victim of a cyber attack to immediately notify the FBI through one of our 56 field offices.”

In Australia, Rachel Noble, the head of the country’s intelligence agency, said on Wednesday that Australian government has not used its cyber capabilities against the ransomware gang behind the JBS attack because JBS has a private incident response provider.

The Australian Signals Directorate (ASD), the country’s intelligence agency, can also warn other firms about impeding threats of a ransomware attack by using its more secretive powers:

“We were very engaged with [Channel Nine during their March attack] and the technical information that they were able to provide us about what happened on their network helped us, using our more classified capabilities, to warn two other entities that they were about to be victims as well, to prevent them from becoming victims,” the director-general said.

The world’s biggest beef processor said it managed to save its Mexico and UK operations from attacks and had seen significant progress in resolving the issue, which occurred in late May. 

On Wednesday, the company said its global operations were at near full capacity, while “JBS USA and Pilgrim’s continue to make significant progress in restoring our IT systems and returning to business as usual,” JBS USA CEO Andre Nogueira said.

Today, the majority of its facilities around the world resumed operations.

“Today, the vast majority of our facilities resumed operations as we forecast yesterday, including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the US and Australia.”

Image: ZDnet

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.