Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, though the company’s IT budget is around $200 million per year.
The subsidiary of Brazilian firm JBS halted cattle slaughtering at all of its U.S. plants for a day last week in response to the cyberattack, which threatened to disrupt food supply chains and further inflate already high food prices.
JBS USA’s ability to resolve the issues resulting from the attack was due to its cybersecurity protocols, redundant systems and encrypted backup servers. The company spends more than $200 million per year on IT and employs more than 850 IT professionals globally, the company’s CEO said in a statement.
The cyberattack followed one last month on Colonial Pipeline, the largest fuel pipeline in the United States. It disrupted fuel delivery for several days in the U.S. Southeast.
The JBS meat plants, producing nearly a quarter of America’s beef, recovered faster than some meat buyers and analysts expected.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, CEO of JBS USA on the ransom payment. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The Brazilian meatpacker’s arm in the United States and Pilgrims Pride Corp, a U.S. chicken company mostly owned by JBS, lost less than one day’s worth of food production. JBS is the world’s largest meat producer.
Third parties are carrying out forensic investigations and no final determinations have been made, JBS said. Preliminary probe results show no company, customer or employee data was compromised in the attack.
A Russia-linked hacking group is behind the cyberattack against JBS, a source familiar with the matter said last week. The Russia-linked cyber gang goes by the name REvil and Sodinokibi.
The Wall Street journal reported on Wednesday that the JBS ransom payment was made in bitcoin.
The Justice Department on Monday recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on hackers who launched the attack.