In an unprecedented and unprovoked cyber-attack, one of the worst any company anywhere in the world has ever been subjected to, the world’s largest meat producer, JBS (JBSS3) has been forced to pay $11 million in order to regain control of their computer systems following a ransomware hack.
Australian, Canadian and American plants went offline as their security systems were compromised as the result of the vicious cyber attack on its servers that store production data for the 3 countries. Beginning on May 31, 2021, and lasting until June 3, 2021, JBS made the decision to halt production of their plants in Australia, Canada, and the United States, disrupting the supply of red meat in each nation.
The Effects of the Attack
The company’s management and IT security company handled the critical situation extremely well by halting production and assigning round-the-clock cybersecurity experts to solve the issue, resulting in losses being limited to only one day’s worth at a currently undisclosed cost. As such the limited cost of the disrupted production is thought to be unlikely to affect the cost of meat to consumers.
Recently, in a widely distributed press release, JBS confirmed that they had paid the attackers $11,000,000 in order to be reinstated as the controllers of their own systems and to ensure that no company-sensitive data was stolen or redistributed on the dark web. JBS CEO Andre Nogueira stated that the decision to pay was difficult, both personally and to the company.
Who Was Responsible
According to the Federal Bureau of Investigation, the notorious hacker group “REvil” was responsible for the attack and, in a press release, have stated:
“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice“.
REvil is thought to be based within Russia since they appear to attack non-Russian and non-Eastern Bloc organizations. However, at this time no one knows exactly where they operate from. Since 2020, the group is believed to have been involved in some of the most notorious hacking incidents in cyberspace with high-profile targets such as former president Donald Trump, the UK’s Harris Federation, and celebrity singers Madonna and Lady Gaga.
A Worrying Trend
The attack on JBS came just a little over 3 weeks after a similar attack on the Colonial pipeline that carries gasoline to the southeastern United States and cost the company $4.4 million dollars in Bitcoin to resolve by paying its attackers, DarkSide, with the digital currency.
Other high-profile hacking attacks of 2021 have been perpetrated on AAA video games companies such as CD Projekt RED and most recently Electronic Arts. CD Projekt RED suffered the attack in February while still trying to recover from the botched launch of Cyberpunk 2077 and EA confirmed on June 10 that they had also suffered an attack.
In both cases, valuable source code was stolen such as the code for Cyberpunk 2077, FIFA 21, and EA’s Frostbite game engine. However, CD Projekt RED also suffered the theft of employee personal data with all items later confirmed to have been sold on the dark web with the company recently confirming that it is still suffering the effects of the breach.