Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO has said.
The subsidiary of Brazilian firm JBS SA halted cattle slaughtering at all of its US plants for a day last week in response to the cyberattack, which threatened to disrupt food supply chains and further inflate already high food prices.
The cyberattack followed one last month on Colonial Pipeline, the largest fuel pipeline in the United States. It disrupted fuel delivery for several days in the US Southeast.
Ransom software works by encrypting victims' data. Typically hackers will offer the victim a key in return for cryptocurrency payments that can run into hundreds of thousands or even millions of dollars. The FBI said earlier this month that the agency was investigating about 100 different types of ransomware.
The JBS meat plants, producing nearly a quarter of America's beef, recovered faster than some meat buyers and analysts expected.
"This was a very difficult decision to make for our company and for me personally," said Andre Nogueira, CEO of JBS USA on the ransom payment. "However, we felt this decision had to be made to prevent any potential risk for our customers."
The Brazilian meatpacker's arm in the United States and Pilgrims Pride Corp, a US chicken company mostly owned by JBS, lost less than one day's worth of food production. JBS is the world's largest meat producer.
Third parties are carrying out forensic investigations and no final determinations have been made, JBS said. Preliminary probe results show no company, customer or employee data was compromised in the attack, it said.
A Russia-linked hacking group is behind the cyberattack against JBS, a source familiar with the matter said last week. The Russia-linked cyber gang goes by the name REvil and Sodinokibi, the source said.
The Wall Street journal reported on Wednesday that the JBS ransom payment was made in bitcoin.
The Justice Department on Monday recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on hackers who launched the attack.