“This was a very difficult decision to make for our company and for me personally,” JBS USA Chief Executive Officer
The ransom payment was made in Bitcoin, according to a spokesperson for JBS Brazil.
“Private companies should not pay ransom,” a White House National Security Council spokesperson said Wednesday night, without mentioning JBS. “It encourages and enriches these malicious actors, continues the cycle of these attacks, and there is no guarantee companies get their data back.”
The spokesperson reiterated calls for more cooperation between the government and the private sector to deter ransomware attacks and for companies to “put in place the cybersecurity defenses to meet the threat.”
The $11 million payoff was split and sent to two addresses, a common feature of third-party extortion software where the developer gets a cut, said Tom Robinson, co-founder of Elliptic, which advises crypto firms and regulators on financial-crime risk. The affiliate got about 7% of the JBS payment, which it sent to a privacy-focused wallet, while about $70,000 went to ChipMixer, a so-called mixing service that also makes it harder to trace coins, he added.
“We can’t tell whether law enforcement has seized any of it, but we wouldn’t expect to see law enforcement use mixers/privacy wallets,” Robinson said in an email.
The cyberattack on
The global shutdowns alarmed the agricultural industry and raised concerns about food security as hackers increasingly target critical infrastructure. Operations have returned to normal levels and the company expected lost production to be
Dow Jones had earlier reported the JBS ransom payment. JBS’s American depositary receipts were down 0.5% at $11.65 at 2:57 p.m. in New York and have advanced 27% this year.
JBS is the latest company to pay off criminal hackers.
Later, the U.S.
The recent spate of cyberattacks has prompted lawmakers to push for
JBS in its latest statement said the vast majority of the company’s facilities were operational at the time of payment. It made the decision to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated” in consultation with internal IT professionals and third-party cybersecurity experts.
The company added it has maintained constant communications with government officials throughout the incident, and that third-party forensic investigations are still ongoing.
(Updates with JBS depositary receipts in 10th pargraph. A previous version of this story corrected the recipient of part of the payoff in sixth paragraph.)
--With assistance from
© 2021 Bloomberg L.P. All rights reserved. Used with permission.