JBS USA has confirmed that it paid the equivalent of $11m in ransom in response to the cyber attack against its operations, calling the attack “criminal”.
JBS is the world’s largest meat processor and both its Australian and US businesses were hit with a cyber attack last month.
At the time of the $11m payment, the vast majority of the company’s facilities were operational, a JBS spokesperson said.
“In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” the spokesperson said.
JBS USA CEO Andre Nogueira said it was a difficult decision to make.
“This was a very difficult decision to make for our company and for me personally.
“However, we felt this decision had to be made to prevent any potential risk for our customers.”
Sophisticated cyber criminals
The FBI stated this is one of the most specialised and sophisticated cyber criminal groups in the world, according to the JBS spokesperson.
“JBS USA’s ability to quickly resolve the issues resulting from the attack was due to its cyber security protocols, redundant systems and encrypted backup servers.
“The company spends more than $200m annually on IT and employs more than 850 IT professionals globally.
“JBS USA has maintained constant communications with government officials throughout the incident.
"Third-party forensic investigations are still ongoing, and no final determinations have been made.
"Preliminary investigation results confirm that no company, customer or employee data was compromised,” the spokesperson added.
Earlier this month, the FBI said that combating cyber crime is one of the FBI’s highest priorities.
“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.
"We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable.
“Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries.
"A cyber attack on one is an attack on us all,” it said.