Hacked meat giant’s $11M Bitcoin ransom was insurance against more attacks
Hacked meat company JBS says paying an $11 million Bitcoin ransom was the “right thing to do” despite already bringing nearly all its systems back online.
As reported by the Wall Street Journal (WSJ), Russian-speaking ransomware outfit REvil (also known as Sodinokibi) hit JBS at the end of May.
The cyberattack knocked parts of JBS’ US and Australian-based beef and pork processing out of action.
Brazil’s JBS (the world’s largest meat producer) reportedly called the FBI right away, and after conducting in-depth forensic analysis the company restored almost everything with backup data.
But behind the scenes, JBS’ tech boffins feared devastating follow-up attacks.
As a result, JBS continued to work with its hackers to find a solution that suited all parties.
JBS eventually talked its ransomers down from an initial $22.5 million in Bitcoin to a still-significant $11 million.
“We didn’t think we could take the risk that something could go wrong in our recovery process. It was insurance to protect our customers,” said JBS’ US chief exec Andre Nogueira to the WSJ.
“It was very painful to pay the criminals, but we did the right thing.”
Paying Bitcoin ransoms could encourage more
The JBS incident is just one of many recent significant ransomware attacks.
Still, the official line from the authorities is to refuse the demands.
In the wake of May’s cyber-siege on Colonial Pipeline — the biggest fuel carrier in the US — president Joe Biden’s energy secretary Jennifer Granholm told CNN: “You shouldn’t be paying ransomware attacks because it only encourages the bad guys.”
The FBI shared similar sentiment in 2019, when the US was in the grips of its first big ransomware wave.
However, the powers that be are yet to outlaw ransom payments altogether.
[Read more: Colonial Pipeline forgets to mention it already paid $5M Bitcoin to hackers]
That’s not to say the US government isn’t taking the situation seriously.
Last week, The Guardian noted US officials had hinted Biden would even consider military response to ransomware hackers.