Meat supplier JBS probed after paying $11 million ransom to attackers

Meat supplier JBS probed after paying $11 million ransom to attackers

Meat supplier JBS probed after paying $11 million ransom to attackers

Last week it was revealed that the world’s biggest meat supplier, JBS, had paid criminals $11 million worth of Bitcoin following a ransomware attack on its systems.

Jbs statement

JBS USA today confirmed it paid the equivalent of $11 million in ransom in response to the criminal hack against its operations. At the time of payment, the vast majority of the company’s facilities were operational. In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.

“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

I agree that for any company hit by a ransomware attack it’s a tricky dilemma. Do you pay millions of dollars to those who attacked you? That may possibly prevent your assailants from releasing any stolen data, and provide you with a decryption key to help you recover your systems… but it also encourages others to engage in ransomware attacks in future, against not just your own business but other organisations around the world.

Your decision might be viewed as pragmatic, and help your company get back up on its feet, and be reassuring to your commercial partners and staff, but they aren’t the only ones who are watching with interest.

Because it appears that members of the US Congress have raised an eyebrow about how JBS responded to its attack, especially in the wake of other high profile ransomware incidents that have made headlines around the world.

Carolyn Maloney, chair of the House Oversight and Reform Committee has written to JBS CEO Andre Nogueira, concerned that dangerous precedents are being set that may increase the risk of future ransomware attacks.

EmailSign up to our newsletter
Security news, advice, and tips.

In her letter to Nogueira, Maloney asks for a copy of all documents related to the discovery of the attack, discussions and communications related to the ransom, and any communications related to the performance of any decryption tool provided by the attackers.

Letter to jbs

Bad enough to have your systems probed by a ransomware gang like Revil. Worse still, I suspect, to also have your response probed by the US Congress.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *