The CEO of JBS stated that the decision to pay the ransom is difficult, but it is necessary to prevent potential risks to customers.
The world’s largest meat processing company said it paid the equivalent of $11 million to hackers who broke into its computer system at the end of last month.
Brazil-based JBS SA stated on May 31 that it was a victim of a ransomware attack, but Wednesday was the first time the company’s US branch confirmed that it had paid the ransom.
Andre Nogueira, CEO of JBS USA, said: “This is a very difficult decision for our company and for me personally.” “However, we believe that this decision must be made in order to Prevent our customers from facing any potential risks.”
JBS stated that most of its facilities were operating at the time of payment, but it decided to pay to avoid any unforeseen issues and ensure that no data was leaked.
The FBI blamed the attack on REvil, a Russian-speaking group that has raised some of the largest ransomware needs on record in recent months. The FBI said it will work to bring the organization to justice and urge victims of any cyber attacks to contact the bureau immediately.
The goal of this attack was to support JBS servers operating in North America and Australia. Production was interrupted for several days.
Earlier this week, the U.S. Department of Justice announced that it had recovered most of the multi-million dollar ransom paid by Colony Pipeline, the largest fuel pipeline operator in the United States.
In early May, Colonial paid a ransom of 75 bitcoins to a Russian hacker organization-worth $4.4 million at the time. As U.S. officials scramble to respond to the rapidly accelerating threat to key industries around the world, the seizure of cryptocurrency reflects a rare victory in the fight against ransomware.
It is unclear whether JBS also paid the ransom in Bitcoin.
JBS stated that it spends more than US$200 million on IT every year and has more than 850 IT professionals worldwide.
The company said that the forensic investigation is still ongoing, but it believes that no company, customer or employee data has been compromised.