JBS USA, a global meat provider, has paid hackers $11 million in Bitcoin to secure its systems after the hackers attacked it with ransomware.
JBS USA chief Andre Nogueira confirmed the company paid the attackers.
Although the FBI discourages victims from paying ransoms because it shows them their tactics work, JBS decided to pay the attackers after consultation with third-party cybersecurity experts to ensure that their data was not compromised: “to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” the company said.
However hard, the company believes this action was necessary to prevent any potential risk to its customers:
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The FBI identified the attackers behind the ransomware attack as the REvil gang, run by Russian nationals. REvil is a type of cybercrime group that indiscriminately targeted victims like hospitals, schools, and charities. In the past, it demanded ransoms of up to $50 million. The REvil gang also rents its encryption software to criminal groups.
The meatpacker company said it was able to swiftly resolve the issues it faced due to its encrypted backup servers and the robust security measures it implemented to prevent a similar attack from happening in the future.
The JBS attack came after the Colonial Pipeline, which carries oil from Texas to the east coast, was attacked by a group of individuals on Wednesday.
The attack on the Colonial pipeline raised concerns about the security of the critical infrastructure around the world, prompting several European governments, among them Italian, to start developing new cybersecurity policies.