First oil, now beef. What's next?
The FBI is now blaming the Russian hacking group REvil, also known as Sodinokibi, for the massive ransomware hack that threatened about a quarter of the US beef supply.
REvil, which the BBC reports is one of the most prominent and profitable hacker groups in the world, specifically targeted the meat processing giant JBS, shutting down operations in the US, Canada, and Australia. REvil, which launches attacks and sells its ransomware tech to other cybercriminals as enterprise software, has been behind a number of other high-profile cyberattacks, according to BBC, and now US officials are calling on Russia to stop providing the group with safe harbor.
Ransomware attacks have posed a serious threat to US infrastructure this year. Last month, a different Russian organization held a major US pipeline hostage, causing fuel shortages in the southeast. Biden plans to address the issue in an upcoming meeting with Russian President Vladimir Putin later this month, according to the BBC.
But in the meantime, the Biden administration published a memo on Wednesday urging business leaders to ramp up their cybersecurity protocols.
“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” reads the memo, which was obtained by Axios.
JBS plans to resume US operations on Thursday, according to BBC, but it’s not clear if the company paid REvil’s ransom or if the issue was otherwise resolved.
Typically, officials will tell the victims of ransomware attacks to avoid paying, lest they attract or encourage more hacks in the future. But given the complexity of the situation, companies and governments that are compromised by ransomware are often left with little choice, as the digital infrastructure seized by hackers tends to be too important for them to operate without it.
READ MORE: JBS: FBI says Russia-linked group hacked meat supplier [BBC]
More on the meat hack: Hackers Shut Down Almost a Quarter of the US Beef Supply