JBS Paid $11 Million in Bitcoin To Ransomware Criminals

JBS USA Holdings Inc., one of the world’s largest food processors, has paid $11 million in Bitcoin to ransomware attackers. The payment follows an attack that knocked out JBS plants that process roughly 20% of America’s meat supply. 

“It was very painful to pay the criminals, but we did the right thing for our customers,” Andre Nogueria, chief executive of JBS SA’s U.S. division, told the Wall Street Journal. 

He added that the payment was sent after several JBS plants were brought back online. 

The ransomware attack also hit JBS’ subsidiary, Pilgrim’s Pride Corp., the second-largest poultry processor in the United States. 

The JBS Attack

Nogueria reportedly learned of the attack on May 30. 

A message demanding a ransom was sent to the company in exchange for returned access to JBS’s computer system. Last week, the FBI attributed the attack to a ransomware group called REvil, but it remains unclear how the attackers gained access to JBS systems. 

Despite the attack, JBS actually had a backup plan. Nogueria told the Wall Street Journal that the company maintains secondary—and encrypted—backups of all its data. The company was able to return functionality to its plants through this data. Still, despite the reported good progress, JBS technology experts claimed there was no guarantee the criminals couldn’t strike again. 

“We didn’t think we could take this type of risk that something could go wrong in our recovery process,” Nogueria said, adding, “It was insurance to protect our customers.” 

Growing concerns about ransomware

In response to rising ransomware attacks, the U.S. Department of Justice has elevated ransomware hacks to a similar priority level as terrorism. 

JBS is not the only high-profile ransomware attack in recent memory—the Colonial Pipeline attack has also promoted concerns about ransomware risks.