Federal agencies recommend not paying hackers ransom.
“This was a very difficult decision to make for our company and for me personally,” JBS USA CEO Andre Nogueira said in a statement. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
The company said it paid the ransom to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”
According to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, ransomware is a type of malware that shuts down a company’s computer infrastructure with hackers demanding payment to unlock the system.
Earlier this month, the FBI attributed the infiltration to Russia-based hackers.
JBS said it was in constant contact with federal officials, and while investigations are ongoing, “preliminary investigation results confirm that no company, customer or employee data was compromised.”
The company said it spends $200 million annually in IT services.
JBS is not the first company to recently pay ransom to cyber criminals based in Russia.
Last month, Colonial Pipeline was also hit with a ransomware attack and admitted to paying $4.4 million in bitcoin to hackers from the group DarkSide.
“We needed to do everything in our power to restart the system quickly and safely,” the company said in a statement at the time. “The decision was made to pay the ransom. This decision was not made lightly, however, one that had to be made.”
On Monday, Justice Department officials announced they recovered some of the ransom payment through a federal search warrant.
Federal officials urge companies not to pay ransom to cyber criminals.
In an exclusive interview with Chief Justice Correspondent Pierre Thomas, Homeland Security Secretary Alejandro Mayorkas said Tuesday he understands the complexity and difficulties that companies are facing with the decision to pay the ransom as Colonial did.
“That is putting profit in the pockets of the criminal and only motivating them to continue their criminal behavior. So we do not support the payment of the ransomware. But at the same time here we understand the challenge that a company faces,” Mayorkas said.