JBS is a Brazilian company considered to be one of the world’s largest producers of both beef and poultry, establishing a foothold in the US, Australia, Canada, Mexico, New Zealand and the UK. However, within the US, operating as JBS USA Holdings Inc., the company is known as the top dog in the industry.
JBS USA Holdings Inc. recently forked over $11 million in bitcoin to cybercriminals who attacked the company’s operating systems as part of a larger effort to avoid any further disruptions to the business, the supplier has revealed.
Andre Nogueira, the chief executive officer of the company’s US division, disclosed to the Wall Street Journal on Wednesday that the hefty bitcoin payout was done after the majority of the JBS’ plants had resumed operations.
“It was insurance to protect our customers,” Nogueira underscored, referring to the decision to pay the ransom.
Although officials did immediately alert US federal authorities about the ransomware incident, Nogueira revealed they also had cybersecurity experts and fellow consultants starting to negotiate with the attackers, who were later identified as the REvil group.
Employees walk around with face masks at the JBS USA meat packing plant, which on Monday was closed after numerous employees tested positive and two have died from the coronavirus disease (COVID-19), in Greeley, Colorado, U.S., April 14, 2020
Nogueira declined to specify when the payout was issued, as well as name the cybersecurity experts it had been working alongside during the hacking event. The official did state the company is certain information regarding its customers, suppliers and employees was not compromised.
JBS first announced that it had been victim to a cyberattack on May 31, a day after the incident actually took place. It was not until June 3 that the company declared it had restored its systems and was “fully operational.”
Incidentally, the cyberattack came a few weeks after hackers targeted the Colonial Pipeline and forced a six-day shutdown to one of the US’ largest fuel suppliers. At the time, it was revealed pipeline officials paid hackers $4.4 million to the DarkSide cybercriminal group. However, the US Department of Justice announced earlier this week that it had managed to recover the “majority” of the funds.