JBS, bigger meat company of the world, paid no less than US$ 11 million (R$ 55,69 million) to a group of hackers, who managed to hack into systems of the company last week. The invaders temporarily shut down the company's factories in the United States, Canada and Australia.

The ransom, which was paid in Bitcoin, had the function of protecting the company from further interruptions, in addition to limiting the potential impact that a major stoppage would have on suppliers and buyers.

advertising

"It was very painful to pay the criminals, but we did the right thing for our clients", declared André Nogueira, president of the American division of the Brazilian giant, to The Wall Street Journal. Nogueira added that payment was only made after most factories had resumed production thanks to secondary backups of the company's data, which are encrypted.

serial attacks

Image shows two men beside a Colonial Pipeline duct
A pipeline manager also had to pay a million-dollar ransom to recover her systems. Credit: Reproduction/Colonial Pipeline

The JBS attack was part of a series of ransomware incursions, in which a number of companies were extorted into paying multi-million ransoms in order to regain control of their operating systems. In addition to the refrigerator, the pipeline operator that brings gasoline to parts of the US East Coast had to pay around $4,5 million to regain control of its operations and restore service.

According to Nogueira, JBS was aware of the attack on the morning of May 30, a Sunday, when members of the technology area noticed abnormalities in the functioning of some servers. Then they found a message that demanded payment of a ransom to release the company's system.

Read more:

JBS immediately reported the attack to the Federal Bureau of Investigation (FBI), and the company's technology team shut down the meat supply system to try to delay the attack's progress. The next step was to call technology vendors who had previously worked with the company, as well as digital security experts and consultants, who began negotiating with the attackers.

Investigations

According to the FBI, those responsible for the attack would be members of the REvil group, a criminal organization specializing in ransomware attacks. According to André Nogueira, external companies are conducting forensic analysis on JBS' technology systems to try to define how attackers accessed the company's data, but this is still not clear.

However, the company is confident that no customer, supplier, or employee data was exposed in the attack, based on data already obtained by forensic analysis. “We didn't think we could run this risk that something could go wrong in our recovery process,” Nogueira said of the decision to pay the offenders. "It was insurance to protect our customers."

Have you watched our new videos on the UAF YouTube-channel? Subscribe to our channel!