JBS USA confirmed this week that it paid the equivalent of $11 million in ransom in response to the criminal hack against its operations. At the time of payment, the vast majority of the company’s facilities were operational. In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO, JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The Federal Bureau of Investigation (FBI) has attributed the attack to REvil and Sodinokibi, calling it “one of the most specialized and sophisticated cybercriminal groups in the world.”
The FBI stated JBS USA’s ability to quickly resolve the issues resulting from the attack was due to its cybersecurity protocols, redundant systems and encrypted backup servers. The company spends more than $200 million annually on IT and employs more than 850 IT professionals globally.
JBS USA has maintained constant communications with government officials throughout the incident. Third-party forensic investigations are still ongoing, and no final determinations have been made. Preliminary investigation results confirm that no company, customer or employee data was compromised.
Meanwhile, any lost production across the company’s global business was expected to be recovered by the end of this week.