Meat processor JBS USA paid an $11 million ransom to hackers who had accessed its computer systems, the CEO told the Wall Street Journal.
The cyberattack, which took place over the Memorial Day weekend, temporarily shut down almost all of JBS’s North American operations, as well as locations in Australia and Canada. CEO Andre Nogueira confirmed to the Journal that JBS paid the ransom in bitcoin.
JBS had regained control of most of its operating systems a couple of days after the attack, using backed-up data. But Nogueira said the company decided to pay to safeguard against future attacks.
The payment was made to REvil, a syndicate of hackers that has claimed responsibility for numerous ransomware attacks. These attacks typically render a company’s data inaccessible until the victim pays for decryption tools.
Nogueria said JBS used consultants and professional ransomware negotiators to deal with REvil, keeping the FBI informed throughout. “It was very painful to pay the criminals, but we did the right thing for our customers,” he told the Journal.
Ransomware is rapidly replacing identity theft as business’s biggest problem with hacking. The official stance of the FBI and of many governments around the world is not to give in to extortion, but many executives find it easier and cheaper to pay up.