According to The Wall Street Journal, citing a statement by André Nogueira, the executive director of the American division of the company, the company was attacked by ransomware hackers. The essence of their work is to block the company's systems and demand a ransom for unblocking.
The hackers got their jackpot in bitcoins after most of the JBS factories were restored to work. Despite this, meat producers chose to pay the ransom to attackers in the hope of protecting themselves from further attacks. The concession to hackers in the company was explained by the desire to minimize the harm that potential attacks can cause to counterparties of the enterprise network: restaurants, shops and farmers.
“It was very painful for us to pay the criminals, but we did the right thing in relation to our clients”, - the Dozhd TV channel quotes Nogueira's statement.
JBS is the world's largest producer of beef, pork and poultry. Its production volumes account for about 20% of all pork and 25% of beef in the United States. The meat producer's products are exported to 110 countries of the world.
Hackers attacked JBS at the end of May. The attack was so widespread that it led to the closure of giant meat processing plants in Colorado, Iowa, Minnesota, Pennsylvania, Nebraska and Texas. JBS had to completely stop slaughtering in Australia and cancel shifts at a Canadian plant that processes up to 4,200 head of livestock per day.
Immediately after the start of the attack, the company's management turned to the FBI for help. The company said that the attack was obviously behind an organization that "is probably based in Russia".
The department found out that there really is a "Russian trace", and a hacker group called REvil is behind the attack. The victims were advised not to pay the extortionists. However, the firm's management chose to pay for fear of further attacks on customers.
Almost simultaneously, Colonial Pipeline, which operates the American pipeline, was subjected to a similar ransomware attack. To restore access to the computer network, the victims paid the criminals about $ 5 million in bitcoins.
The FBI believes that hackers with ties to Russia are hiding behind attacks on American enterprises. Experts named the DarkSide group as suspects. After the management of Colonial Pipeline paid off the extortionists, the security forces were able to return them a significant part of the ransom.
The attacks on American businesses had international repercussions . On June 4, US Secretary of State Anthony Blinken called on Russia to stop hacker attacks from its territory. Blinken said that a new cyber threat is emanating from Russia, associated with attacks by criminal organizations on American enterprises. However, Blinken has not yet discussed the details of the fight against this threat with Russian Foreign Minister Sergei Lavrov. US President Joe Biden intends to raise the topic of cyberattacks at a meeting with Russian President Vladimir Putin in mid-June.
“I think that any country must do everything possible to find hacker groups and bring them to justice, including in the case of the cyberattack on the Colonial Pipeline”, - Blinken said.
According to the secretary of state, the group responsible for the recent attack on the pipeline was and is still in Russia, as are its leaders. The US Secretary of State also called for all countries in the world to "commit themselves not to harbor criminal enterprises" that organize cyber attacks and participate in attacks. Countries must track them down, stop them, and hold them accountable. According to Blinken, US government and non-governmental organizations should simultaneously strengthen their defense against cyber attacks, including the use of ransomware.