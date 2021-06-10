



JBS, the world’s largest supplier of beef, paid ransomware hackers who hacked its computer networks about $ 11 million, the company said Wednesday. The company was hacked in May by REvil, one of a number of Russian-speaking hacker gangs, leading meat plants across the US and Australia to close for at least a day. News of the payment was first reported by The Wall Street Journal. Like many other ransomware groups, REvil has made millions in recent years of piracy organizations encrypting their files and demanding fees, often large bitcoin payments, in exchange for a decryption program and a promise not to disclose files. in public. In a statement, JBS indicated that while it was able to extract most of its systems without the help of REvil, it chose to pay to keep its files secure. “At the time of payment, the vast majority of the company’s equipment was operational,” the company said in an email statement, adding that it “took the decision to mitigate any unforeseen issues related to the attack and ensure that no data had not been explored. “ Charles Carmakal, chief technology officer of cyber security firm Mandiant, said that while such a price may seem high, it is not uncommon for a successful ransomware attack. “For an organization like theirs, it feels like it’s a fairly common extortion claim,” Carmakal said. “For larger organizations, you will tend to see eight-digit extortion claims,” ​​he said. “Sometimes, you will see what I believe are really big demands, going up to 40, 45, 50 million. Most people do not want to pay that much and will try to negotiate it as best they can. they can. “ The US government has long recommended that ransomware victims not pay their attackers, even though most ransomware gangs are not sanctioned entities and their payment is not illegal. JBS CEO Andre Nogueira defended the decision to pay. “This was a very difficult decision to make for our company and for me personally,” Nogueira said in a statement. “However, we thought this decision should be taken to prevent any potential risk to our customers.” The news of the JBS payment follows the congressional testimony of Joseph Blount, CEO of Colonial Pipeline, a major U.S. fuel pipeline that was recently hacked by another Russian ransomware group called DarkSide. In Senate testimony Tuesday, he said the decision to pay was “the right thing to do for the country.” In an unusual move, the Justice Department announced Monday that it was able to recover part of the colonial payment sent to its hackers. The FBI declined to give specifics on how, however, leaving it unclear how often such a tactic could be put in place. CORRECTION (June 9, 2021, 10:35 pm ET): An earlier version of this article mistyped the Colonial Pipeline CEO’s last name. He is Joseph Blount, not Blout.

