JBS paid $11M in Bitcoin to resolve ransomware attack

The cyberattack forced the meat producer to shut down some plants, prompting concerns about possible meat shortages.

Steven Musil Night Editor / News

Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.

Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.

See full bio

Steven Musil

June 10, 2021 7:34 a.m. PT

2 min read

gettyimages-1233234775 — Several JBS USA meat processing plants were paralyzed earlier this month by a cyberattack.
Getty Images

One of the biggest meat producers in the US paid $11 million to cybercriminals responsible for a ransomware attack that temporarily knocked out processing plants last week, the company said Wednesday.

JBS USA made the payment to avoid further disruption to production and to limit the impact on restaurants, grocery stores and farmers, said Andre Nogueira, chief executive of the US division of Brazilian meat company JBS.

"This was a very difficult decision to make for our company and for me personally," Nogueira said in a statement. "However, we felt this decision had to be made to prevent any potential risk for our customers."

JBS' payment was made in Bitcoin, according to The Wall Street Journal, which reported the payment earlier Wednesday.

Following the hack, JBS reportedly had to halt operations at its five largest beef plants in the US as well as some other facilities, prompting concerns about possible meat shortages. The five plants together reportedly process 22,500 head of cattle per day. Some plants in Australia were also reportedly impacted.

The attack came just weeks after hackers targeted the Colonial Pipeline, one of the largest gas pipelines in the US, with a ransomware hack. The attack highlighted the vulnerability of the country's critical infrastructure, which has been the target of an increasing number of cyberattacks.

More on ransomware

JBS informed US officials that its servers in the US and Australia had been the victim of a ransomware attack likely launched by a criminal group based in Russia, White House Deputy Press Secretary Karine Jean-Pierre said earlier this month.

"Preliminary investigation results confirm that no company, customer or employee data was compromised," JBS said in Wednesday's statement.

The FBI is investigating the incident, and the White House is engaging with the Russian government on the matter. Biden is expected to raise the issue with Russian President Vladimir Putin during their June 16 summit.

"Ransomware attacks against critical infrastructure are of an even higher order of magnitude of concern for us, whether that's about a pipeline or meat supply or a hospital system or other areas of critical infrastructure," White House Press Secretary Jen Psaki told reporters on Wednesday. "The president will talk to President Putin about our concerns on this front."