Security News > 2021 > June > US: Russian threat actors likely behind JBS ransomware attack

The White House has confirmed today that JBS, the world's largest beef producer, was hit by a ransomware attack over the weekend coordinated by a group likely from Russia.

JBS only hinted that a ransomware group caused the incident on Monday, stating that "The company's backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible."

Today, White House Principal Deputy Press Secretary Karine Jean-Pierre told reporters that Brazil-based JBS S.A. confirmed that it received a ransom demand from attackers likely from Russia.

"Meat producer JBS notified us on Sunday that they are the victims of a ransomware attack. The White House has offered assistance to JBS, and our team and the Department of Agriculture have spoken to their leadership several times in the last day. JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia," Jean-Pierre said.

"The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals. The FBI is investigating the incident and CISA is coordinating with the FBI to offer technical support to the company in recovering from the ransomware attack," the spokeswoman added.

The attack follows another ransomware incident that forced Colonial Pipeline to shut down the largest U.S. pipeline and pay a $5 million ransom.

News URL

https://www.bleepingcomputer.com/news/security/us-russian-threat-actors-likely-behind-jbs-ransomware-attack/