The U.S. Federal Bureau of Investigation announced that a hacking group linked to Russia is behind the attack on the world's largest meat company. The FBI stated that it will work to bring the group known as "REvil" to justice for the cyberattack that targeted "JBS." This cyberattack temporarily halted some operations of the company in the United States, Canada, and Australia. REvil is known for carrying out ransomware attacks and is one of the most profitable gangs in the world in this regard.
The FBI's statement said, "We attribute the attack on JBS to REvil and are working hard to bring those who represent the threat to justice." The White House announced on Wednesday that U.S. President Joe Biden would address the issue of cyberattacks when he meets with Russian President Vladimir Putin in two weeks. White House press secretary Jen Psaki stated: "Countries that have responsibility do not harbor malicious ransomware criminals."
JBS stated that it successfully resumed its meat packaging operations on Thursday in the United States, where the largest five beef processing plants are located. The company did not disclose whether it paid a ransom to the hackers. Ransomware attacks are one of the most common forms of cyberattacks, involving breaching a computer network, gaining control, encrypting files, or preventing users from accessing their systems until a ransom is paid.
JBS is a multinational company, the largest meat supplier in the world, with 150 plants in 15 countries. The company was founded in Brazil in 1953 and now employs over 150,000 people worldwide. JBS processes nearly a quarter of the beef in the United States and one-fifth of the pork. In 2019, connections emerged between the REvil group and a coordinated attack on nearly twenty local government agencies in Texas. Last month, fuel delivery in the southeastern United States was disrupted for several days following a cyberattack on the Colonial Pipeline.
The United States has urged companies not to pay ransoms to cybercrime gangs. Investigators say the attack on the pipelines is linked to another group known as "DarkSide," which also has ties to Russia. Colonial Pipeline confirmed that it paid $4.4 million in ransom to the attackers. The U.S. government has previously advised companies against paying ransoms, as it encourages hackers to carry out more attacks.
