World's biggest meat processor JBS pays $11 million to ransomware gang

midian182

Posts: 6,903   +62
Staff member
What just happened? Organizations are usually advised not to pay anything after being hit by ransomware attacks, but there are occasions when such action is the best, or only, option. That seems to have been the case for JBS, the world's biggest meat processor, which has paid $11 million after a cyberattack shut down its operations.

The incident took place last week, shutting down abattoirs in the US, Canada, and Australia. The company, which supplies more than a fifth of all beef in the US, said making the massive Bitcoin payment was necessary to protect customers.

"This was a very difficult decision to make for our company and for me personally," said JBS's chief executive, Andre Nogueira. "However, we felt this decision had to be made to prevent any potential risk for our customers."

JBS added that the sophistication of the attack also factored into its decision to make the payment, though the "vast majority" of its plants remained operational.

The company was forced to halt all cattle slaughtering at its US plants for a day last week, a move that threatened to disrupt food supplies and raise prices in a market already suffering from the pandemic's effect.

The Brazil-based company said that "preliminary investigation results confirm that no company, customer or employee data was compromised" in the attack.

The White House has said that a criminal organization behind the incident is "likely based in Russia." The FBI described the group as "one of the most specialized and sophisticated" in the world.

Their potentially lucrative nature has seen ransomware become a favorite among hackers in recent years. “The recent multi-million ransom payments is likely just the tip of the iceberg. Many companies do not publicly disclose security incidents and eventual ransom payments to avoid negative publicity. When no regulated data, such as personal information or health records, are impacted by the breach, this may be a wise approach," said Ilia Kolochenko, Founder of ImmuniWeb, and a member of Europol Data Protection Experts Network.

"Nonetheless, breached companies should also carefully revise their breach disclosure duties imposed by contractual obligations. When the incident implicates data protected by GDPR, CCPA or HIPAA, concealment of the data theft may have harsh legal ramifications up to criminal prosecution."

Last month saw the 5,500-mile Colonial Pipeline taken offline for four days following a ransomware attack by Eastern European group DarkSide. Colonial paid around $4.4 million in ransom, though a taskforce created by the Biden administration has since recovered $2.3 million of the Bitcoin payment.

Image credit: T. Schneider

Permalink to story.

 

VitalyT

Posts: 5,689   +5,539
Paying terrorists is sponsoring them to continue the crime. It should be illegal and punishable by law.

And those meat-boys should go to jail for directly sponsoring terrorism. Those a-holes just made sure that ransomware crime keeps growing.
 

stewi0001

Posts: 2,627   +2,260
You can invest as much as you want, but cybersecurity is not that easy. Money will only get you so far.
obviously, but from my experience from working in IT, some companies don't care about investing in IT because it's not "profitable"
 

p51d007

Posts: 2,765   +2,083
No problem...You can bet the CEO's won't be losing any money.
Not to mention raising the price, they'll make that 11 million up quickly.
And you can bet after they make it up, the price won't go back down.
 

Neatfeatguy

Posts: 353   +539
No problem...You can bet the CEO's won't be losing any money.
Not to mention raising the price, they'll make that 11 million up quickly.
And you can bet after they make it up, the price won't go back down.
I hope prices don't take a stupid jump.

Groceries already jumped upwards of 40% in the last16 months. On average, 16+ months ago, I used to spend around $180 (give or take a bit) on a trip to the grocery store. I'd plan out meals, see what was needed and generally would stick to my list. Prices started jumping and today I average around $250 every time I go to the grocery store.

I go about every 12 days. That equals out to about 30 trips a year to the grocery store.
30 x $180 = $5,400 on groceries for 4 people in a year.
30 x $250 = $7,500 on groceries for 4 people in a year.

It already sucks that my food bill has jumped by $2k in a fiscal year. That was money I used to be able to save after paying bills and spending a bit here and there to do activities outside of the house with the family.

Start of the year, at work I got a 50 cent raise. After taxes, a 50 cents raise gives you around $850 extra. Cool, right?
Health insurance went up this year as well. The jump in health insurance costs me an extra $820 for the year......so my pay raise basically pays for the increased health insurance costs.

Then gas took a $0.25 raise as soon as Trump lost the election. So there goes the extra, last $30 from my pay raise to higher gas prices.....

In the end I'm worse off than I was 16 months ago in terms of financial stability. Last thing I want to see would be an increase in more grocery prices. I guess.....it all just f'ing sucks.
 

DukeJukem

Posts: 198   +184
This is just a scam news story that's going to give them a "logical" reason to increase the price of meat and dairy permanently. Watch.