Bitcoin News; US-based JBS, one of the world’s largest meat processing companies, confirmed on Wednesday that it paid $11 million in bitcoins to hijackers to regain access to its systems after a devastating ransomware attack late last month.
JBS CEO Andre Nogueira said in a statement:
In consultation with internal IT experts and third-party cybersecurity experts, the company made the decision to mitigate unforeseen issues related to the attack and ensure that no data was leaked.
Stating that forensic investigations into the incident are continuing, the company noted that no company, customer or employee data was compromised as a result of the breach. The FBI is trying to formally deter victims from paying ransom because doing so could create a lucrative crime market.
JBS, the world’s largest meat company by sales, announced on May 30 that it was the victim of an “organized cybersecurity attack” that targeted its IT network and temporarily disabled its operations in Australia, Canada and the United States. The attack was attributed to Revil (aka Sodinokibi), a prolific Russia-linked cybercrime group that has emerged as one of the top-earning ransomware cartels.
$11 million ransom to hackers after cyber attack from giant company.
According to statistics released by Emsisoft last month, REvil and its affiliates accounted for around 4.6% of attacks against the public and private sectors in the first quarter of 2021, which is followed by STOP (51.4%), Phobos (6.6%). made it the fifth most frequently reported ransomware type, after Dharma (5.1%) and Makop (4.7%).
Syndicates have been known to launder their financial income through Bitcoin mixing services to hide the trail; this is then sent to both legal and high-risk cryptocurrency exchange portals to convert bitcoins to fiat, real-world currency.
The attack on JBS came in the midst of a recent ransomware attack in which companies were faced with demands for millions of dollars in payment for a key to unlock the systems. Last month, Colonial Pipeline paid a ransom of around 75 bitcoins ($4.4 million as of May 8) to restore services, but the US government was able to recoup most of the money by tracking bitcoin earlier this week.
Colonial Pipeline CEO Joseph Blount said at a hearing before the U.S. Senate Committee on June 8:
Being hijacked by criminals is not a situation any company would want to be in. I decided to pay the ransom using all the means at our disposal to get the pipeline back up and running quickly. It was one of the hardest decisions I’ve had to make in my life.
In a similar development, US insurance company CNA allegedly paid attackers $40 million to recover access to their systems, in what is believed to be one of the most expensive ransoms ever paid. In a statement shared on May 12, the company said there was “no evidence that external customers were potentially at risk of infection due to the incident.”
The relentless attacks on critical infrastructure and their impact on supply chains prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to release a fact sheet detailing the growing ransomware threat to operational technology assets and control systems, helping organizations build effective resilience. .