The world’s largest meat company JBS from Brazil paid cyber criminals a large ransom in the ransomware attack that paralyzed production in North America and Australia last week. The company confirmed late Wednesday (local time) through its US subsidiary that it had paid a sum of 11 million US dollars (9.0 million euros).
Paid in bitcoin
“It was a very difficult decision for our company and me personally,” said Andre Nogueira, the head of JBS USA, in a press release. The ransom payment was made according to the Wall Street Journal, which first reported on it, in the cryptocurrency Bitcoin.
The cyber attack had temporarily shut down five of the largest meat factories in the United States. The US Department of Agriculture and the White House had also stepped in to alleviate potential supply problems. The US suspects a criminal group from Russia to be behind the attack.
Cyber attacks, in which encryption software is used and in which attackers demand money for the release, have recently occurred more frequently. Just a few weeks ago, an attack of this type halted the operation of one of the largest gasoline pipelines in the United States and temporarily cut fuel supplies in the country.
The operator Colonial paid hackers a ransom of $ 4.4 million (3.6 million euros), as the company later admitted.
Do not pay
US authorities actually strongly advise companies against paying ransom so as not to incentivize cyber criminals to blackmail. JBS USA stated that the decision was made in consultation with internal and external IT security experts. According to company boss Nogueira, JBS wanted to prevent potential risks for its customers by paying the ransom. In addition, they wanted to reduce unforeseen problems caused by the attack.
However, it is not clear from the communication whether and to what extent this succeeded. At the time of the ransom payment, most of the group’s infrastructure was operational, it says.
After the attack, JBS quickly emphasized that the company’s back-up servers were not affected. Ultimately, the systems could be started up again relatively quickly. However, this is due to its own computer security, the company has now explained. JBS spends more than $ 200 million annually on IT.