The world’s largest meat supplier paid out an $11 million ransom in bitcoin to hackers following a cyber attack, the company said Wednesday.
JBS USA was the victim of a ransomware attack last week that forced it to shut down plants processing around 20% of the country’s meat supply. The company elected to pay the hackers to prevent further attacks as well as minimize damage to the supply chain, JBS CEO Andre Nogueira told The Wall Street Journal in an interview Wednesday.
Nogueira said JBS is currently working with cybersecurity consultants to determine how the hackers breached the system, with no conclusions yet. The FBI blamed Russian hacker syndicate REvil with the attack last week
— FBI (@FBI) June 2, 2021
The FBI’s official policy advises against ransomware payment, arguing that payment encourages hackers to target more victims. Energy Secretary Jennifer Granholm told Meet The Press Sunday that she would support banning ransomware payments to avoid “encouraging the bad actors”.
“This was a very difficult decision to make for our company and for me personally,” Nogueira said in a statement Wednesday. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
JBS is the country’s largest beef supplier and a top processor of pork and poultry, providing one-fifth of the nation’s meat supply while operating plants in Canada, Australia, and Mexico.
The payment comes following the FBI’s recovery of the bitcoin payment made by Colonial Pipeline to Ukrainian hacker group DarkSide. Colonial Pipeline paid DarkSide $4.4 million after the hackers forced the pipeline, which transports 45% of the East Coast’s fuel supply, to temporarily shut down.
Along with the Colonial Pipeline ransomware hack and SolarWinds breach in December, the JBS hack is the third major cyber attack in recent months. President Joe Biden acknowledged in May the dangers these attacks pose to critical infrastructure and supply chains, passing an executive order that improves cybersecurity standards.