JBS, the largest meat producer, paid a $11 million ransom, according to Andre Nogueira, chief executive of Brazilian JBS SA’s U.S. division who shared this information with The Wall Street Journal. No data has been leaked as believed by the company. The decision was said to be painful but right. The transfer was made in Bitcoin in the beginning of June when the incident occurred. The case interfered with the normal flow of several JBS enterprises in Canada and Australia messing up the supply chain and could trigger the growth of the product price.
“Сost per minute of downtime can be an issue”, says Alexey Drozd, Head of Information Security Department at SearchInform. “When production is massive these risks are considerable. If one week of downtime costs $100 million and the ransom is $10 million, it’s no surprise that a company might choose to pay ransom instead of letting a 100-million-dollar week out of control.
That’s why the business has to pay. Anyway, there is no absolute protection. An employee could open a phishing link, could be blackmailed or offered money. What makes sense is ensuring a high-quality protection architecture within a company. When one node or some part of the network is completely compromised, the smart protection architecture allows the rest of the infrastructure work smoothly. Therefore, such an “infection” should be identified, the infected part – detached, the consequences – sorted out. It is obvious that such a protection architecture isn’t completed even in a large company.
A hacker seems to have been a so-called Uncatchable Joe all this time – if you’re not attacked, it doesn’t mean that you’re protected. Probably it’s because no one has taken aim at you yet”.
A similar scheming was applied by hackers during the attack on the Colonial Pipeline in May 2021. That was when the pipeline operator had to pay more than $4 million in cryptocurrency. Recently, the FBI has reported that about half of this money had been returned. The virtual wallet was intercepted.
The cyberattack on JBS is being investigated by the FBI. US law enforcement officials believe that the group originates from Russia and is known as REvil. In addition, according to US media reports, the Darkside hackers who carried out the attack on the Colonial Pipeline could also be of Russian origin.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!