What happened? JBS USA [part of J.B.S S.A group] confirmed that the company has paid $11 million(80.60 crore Indian rupees) in ransom to the cyber attackers who launched an ransomware attack. The said attackers are alleged to be behind the disrupted North American and Australian operations. The confirmation was given out by CEO of the company in a statement. How bad was the attack on the company? The cyber attack is said to have affected the company in a bad way. The effect was so bad that JBS SA had to halt all the processes their meat productions were doing in the USA plants for a day last week. The step was taken in response to the threat of a disrupted food supply chain and which could have resulted in inflation of already higher food prices. JBS meat plants are known for producing nearly a quarter of the total meat in America. What is a ransomware attack? A ransomware is a malicious piece of code known as malware, designed to target businesses and organizations with deep pockets in order to extort money in exchange of freeing their confidential data which gets encrypted by the malware. Usually, the data that is targeted are
  • Company deals.
  • patented formulae/software.
  • businesses/organizations secret.
  • Confidential Business information.
  • Confidential User information.
  • Confidential Employee/ Employer information.
  • government confidential reports/files etc.
Who have been targeted by the ransomware up till now? The ransomwares on occasions have targeted:
  • Defense industry.
  • aerospace industry.
  • healthcare industry.
  • Manufacturing industry.
  • I.T Industry.
Apart from the industries mentioned above, countries like USA, Canada, UK, Germany, Taiwan, India, Australia, Japan, Brazil, South Korea etc. have been targeted by ransomwares. What did the CEO had to say about the attack? what other losses were incurred? Andre Nogueira, CEO of JBS USA said, “This was a very difficult decision to make for our company and for me personally. However, we felt this decision had to be made to prevent any potential risk for our customers.” JBS said, Third parties are carrying out forensic investigations and no final determinations have been made. No company, customer or employee data was compromised in the attack they added. The JBS USA and Pilgrims Pride Corp, a US chicken company owned by JBS, lost a total of one day’s worth of food production. that’s a lot of produced food wasted if the size of the companies contribution to the market is taken under consideration. Who are the one’s behind this cyber attack? Does the attack follows a pattern? According to the sources, The cyber attack was allegedly executed by Russian cyber criminal group REvil/Sodinokibi. The ransom paid by the company is said to be have made in bitcoin. If we move back a month ago, a similar kind of attack was done on the Colonial pipeline, which is considered as the largest fuel pipeline in the USA. The outcome was a disrupted fuel delivery for many days in the southeastern US region. What should you do to prevent yourself/company from such ransomware attacks? Data breaches, Data leaks, DDoS, Ransomware attacks, Defacing of websites etc. can be quiet damaging to not only the finances of a organization/individual but also affects their reputation and other aspects in the industry. There aren’t any proactive counter measures which can help you during such attacks though. Hence, it is always better to prepare, as Prevention is better than cure. Here are some steps you can take to ensure your preventive measures against such scenarios:
  • Educate and train yourself & your employees against such attacks. Training against the known attack procedures can help you in long way.
  • Do not open any email whose source can’t be trusted. report the same to your admins for further investigation.
  • It is better to backup all the data that is being stored in your devices or servers. it is always better to have offline backups which can come in handy during such scenarios.
  • Rely on a good and trusted Security tools and solutions. No compromise can be done here as they are guarding your business.
  • Keep your private and work devices separate. If not possible, at least use different user environment on devices.
  • Use trusted VPN provider for your/organization devices and network. Don’t fall into the free VPN trap. They usually don’t work and store your information.
  • Always keep your devices up to date. You should install all the latest patch, drivers that are released only by the hardware manufacturer of your devices.
  • Try not to access websites whose identity cannot be verified. Most of these websites can be identified by their shady website UI and offering of Paid software’s in free.
  • Always listen to your IT Security consultant and plan your steps accordingly. You might know your business well, but your IT security consultant knows your systems and network better.
  • Do not pay ransom to the ransomware operators ever. This would never ensure whether you would get your data back or the operators would not public or delete your data.

By Siddhant Pathak

Cyber security architect, 7+ years experience in cyber security industry, Tech savy, Nature lover, Bullet 350 rider

Have some thoughts? why not share with us here.