Geeks for your information
REvil Ransomware Ground Down JBS: Sources - Printable Version

+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Privacy & Security News (https://www.geeks.fyi/forumdisplay.php?fid=107)
+--- Thread: REvil Ransomware Ground Down JBS: Sources (/showthread.php?tid=15209)



REvil Ransomware Ground Down JBS: Sources - silversurfer - 02 June 21

Quote:The cyberattack that flattened operations at JBS Foods over the weekend was indeed a ransomware strike, the global food distributor has confirmed, with sources pointing to the REvil Group as the responsible gang.
 
Four people familiar with the matter who weren’t authorized to speak publicly told Bloomberg that the notorious Russia-linked hacking group is behind the attack against JBS SA. The REvil cyber gang also goes by the name Sodinokibi.
 
REvil is known for both audacious attacks on the world’s biggest organizations and suitably astronomical ransoms. In April, it put the squeeze on Apple just hours before its splashy new product launch, demanding a whopping $50 million extortion fee: a bold move, even for the notorious ransomware-as-a-service (RaaS) gang. The original attack was launched against Quanta, a Global Fortune 500 manufacturer of electronics, which claims Apple among its customers. The Taiwanese-based company was contracted to assemble Apple products, including Apple Watch, Apple Macbook Air and Pro, and ThinkPad, from an Apple-provided set of design schematics.
 
The JBS attackers targeted several servers supporting North American and Australian IT systems of JBS Foods on Sunday, according to a statement by JBS USA. JBS is a global provider of beef, chicken and pork with 245,000 employees operating on several continents and serving brands such as Country Pride, Swift, Certified Angus Beef, Clear River Farms and Pilgrim’s.
 
The “vast majority” of JBS Foods’ beef, pork, poultry and prepared foods plants will be operational by today, the company said on Tuesday.
Andre Nogueira, JBS USA CEO, said in a statement that the company’s systems are coming back online and that it’s “not sparing any resources to fight this threat.” JBS has cybersecurity plans in place for these types of incidents and is successfully executing them, he said. In the case of a ransomware attack, that means relying on backups. Fortunately, JBS’ backup servers weren’t affected, and it’s been working with a third-party incident-response firm to restore operations as soon as possible.

Read more: REvil Ransomware Ground Down JBS: Sources | Threatpost