Ransomware
NPR / Wikipedia / CNN Business
Primary Source βIncident Details
REvil (Russian) ransomware attack on JBS S.A., world’s largest meat processor, May 30 2021. Disrupted beef and pork slaughter facilities in US, Canada, Australia. JBS paid $11M USD in Bitcoin. CEO cited risk to customers as reason for paying. DHS internal records later revealed JBS cybersecurity was ‘unusually poor’ before attack. FBI identified REvil as responsible. Attack occurred just weeks after Colonial Pipeline incident. No evidence of customer data theft.
Technical Details
- Initial Attack Vector
- CWE-521: Weak Password Requirements (brute-forced or leaked credentials; poor overall security posture confirmed by DHS internal review)
- Vendor / Product
- JBS USA meat processing systems
- Malware Family
- REvil / Sodinokibi
Timeline
- 2021-05-30 Breach occurred
- 2021-06-01 Publicly disclosed
- 2021-06-01 Customers notified