JBS Ransomware Attack Update: JBS Operations Restored; FBI Names REvil Behind The Attack

Days after the meat producer giant JBS Foods suffered a ransomware attack; it’s now back to business. While JBS confirms to have fully recovered from the attack, the FBI mentioned the REvil gang as the attackers behind this incident.

JBS Recovers From The Ransomware Attack

A few days ago, JBS Foods reported a cybersecurity incident that caused their IT systems to go offline. Soon after, the White House confirmed it as a ransomware attack.

While the attack caused disruptions, it didn’t impact the company’s backup servers. Also, the general ground operations continued, though the firm feared delays.

However, through a recent press release, JBS Foods has confirmed to have fully restored its operations. As stated,

The company’s swift response, robust IT systems, and encrypted backup servers allowed for a rapid recovery.

Whereas, the company also assures to recover any production losses by the next week.

As a result, JBS USA and Pilgrim’s were able to limit the loss of food produced during the attack to less than one days’ worth of production. Any lost production across the company’s global business will be fully recovered by the end of next week, limiting any potential negative impact on producers, consumers, and the company’s workforce.

Currently, the firm hasn’t reported any evidence of misuse of affected data. Yet, the investigations of the matter that started right after alerted the LEAs about the incident still go on.

FBI Identified REvil As The Culprit

While a positive update has arrived from JBS regarding service restoration, another report also hints at the progress. In their recent statement, the FBI has clearly identified the REvil (Sodinokibi) ransomware gang responsible for this attack. According to their statement,

We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.

Though, for now, nothing significant has surfaced online in this connection. Yet, it won’t be wrong to expect a major update sooner.

The recent case of the Colonial Pipeline ransomware attack is an example of the swift actions from law enforcement. Days after the FBI identified the attackers, the DarkSide ransomware gang, we heard of seizure of its servers.

Let us know your thoughts in the comments.

Related posts

Microsoft Patch Tuesday May 2024 Fixed 3 Zero-Days

Vulnerabilities In Cinterion Cellular Modems Threatened IoT And Industrial Devices

Google Admits Active Exploitation For Chrome Browser Zero-Day