JBS paid $11M cyber ransom

In yet another graphic demonstration of the financial incentives available for sophisticated cyber-crime, meatpacker JBS USA said it paid the equivalent of $11 million following a recent ransomware attack.

“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO of JBS USA, on the ransom payment. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

The Wall Street Journal reported that the JBS ransom payment was made in the cryptocurrency bitcoin.

The cyberattack on JBS disrupted its North American and Australian operations, according to the company’s CEO.

The subsidiary of Brazilian firm JBS halted cattle slaughtering at all of its US plants for a day last week in response to the cyberattack, which threatened to disrupt food supply chains and further inflate already high food prices.

The news of the ransomware payment follows reports that insurer CNA paid cyber criminals some $40 million following a ransomware attack earlier this year, while Colonial Pipeline, itself the victim of a high-profile attack in May, also paid a ransom of some $4.4 million.

However, the US Justice Department said that it had actually managed to recover some $2.3 million of the ransom paid by Colonial.

Deputy Attorney General Lisa Monaco said investigators had seized 63.7 bitcoins, now valued at about $2.3 million, paid by Colonial after last month’s hack of its systems that led to massive shortages at US East Coast gas stations.

The Justice Department has “found and recaptured the majority” of the ransom paid by Colonial, Monaco said.

An affidavit filed on 7 June said the FBI was in possession of a private key to unlock a bitcoin wallet that had received most of the funds. It was unclear how the FBI gained access to the key.

Ransomware works by encrypting the data of targeted companies. Typically, hackers will offer the victim a key in return for cryptocurrency payments that can run into hundreds of thousands or even millions of dollars.

The FBI said earlier this month that the agency was investigating about 100 different types of ransomware.

The payment of ransom demands for such attacks flies in the face of official advice, however: US Energy Secretary Jennifer Granholm said in an interview with CNN this week that companies need to alert the federal government when they are targeted and stop paying attackers.

“You shouldn’t be paying ransomware attacks, because it only encourages the bad guys,” she said.

While she opposes ransomware payments, she said she is uncertain whether President Biden or Congress is prepared to outlaw them.
