REvil, A Notorious Ransomware Gang, Was Behind JBS Cyberattack, The FBI Says
Posted June 3, 2021
- The world’s largest meat processing company has resumed most production after a weekend cyberattack, but experts say the vulnerabilities exposed by this attack and others are far from resolved.
- In a statement late Wednesday, the FBI attributed the attack on Brazil-based meat processor JBS SA to REvil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months.
- REvil has not posted anything related to the hack on its dark web site. But that’s not unusual. Ransomware syndicates as a rule don’t post about attacks when they are in initial negotiations with victims — or if the victims have paid a ransom.
- JBS said late Wednesday said that it expects to resume production at all its plants on Thursday and be running at “close to full capacity” across its global operations.
- President Joe Biden intends to confront Russia’s leader, Vladimir Putin, about his nation’s harboring of ransomware criminals when the two meet in Europe in two weeks.
- JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.
- The plant closures reflect the reality that modern meat processing is heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process; orders, billing, shipping and other functions are all electronic.
| June 3, 2021