World’s biggest meat producer JBS pays $11m cybercrime ransom

Spread the love

JBS, the world’s biggest meat processor, has paid an $11m (£7.8m) ransom after a cyber attack shut down operations, including abattoirs in the US, Australia and Canada.

While most of its operations have been restored, the Brazilian-headquartered company said it hoped the payment would head off any further complications including data theft.

JBS, which supplies more than a fifth of all beef in the US, reportedly made the payment in bitcoin.

“This was a very difficult decision to make for our company and for me personally,” said JBS’s chief executive, Andre Nogueira. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

The meat producer was forced to stop all cattle slaughtering at its US plants for a day last week, in a move that threatened to disrupt food supply chains and lead to further food price inflation in the US, where labour shortages, high demand, and Covid-related disruptions are taking their toll.

The hack also disrupted the company’s operations in other countries, including Australia, although less severely.

JBS, which spends more than $200m (£141m) on IT and employs more than 850 tech specialists, said the FBI described the cybercriminal group that carried out the attack as “one of the most specialised and sophisticated” in the world. White House officials said last week the criminal organisation responsible was probably based in Russia.

The ransomware attack against the meat producer is the latest to temporarily devastate operations at a US company. Last month, an attack on Colonial Pipeline, the country’s largest fuel pipeline, crippled fuel deliveries in south-east US for several days.

Colonial Pipeline also paid a ransom of $4.4m, but a specialised ransomeware taskforce created by the Biden administration has since recovered most of the cryptocurrency payment.

JBS said a third-party investigation is ongoing, but a preliminary investigation confirmed that none of its company, customer or employee data was compromised as part of the attack.

Spread the love