Teri Robinson | Securityboulevard.com »
If those burgers you throw on the grill are even more expensive this summer, this might be one of the reasons.
Meat processor JBS USA paid out $11 million to hackers after a ransomware attack compelled it to shutter beef processing in the U.S. and parts of Australia last week.
“This was a very difficult decision to make for our company, and for me personally,” JBS USA CEO Andre Noguira said in a statement.
I bet it was. $11 million is more than double what Colonial Pipeline paid in ransom to recover from an attack that caused it to shut down its gas pipeline, causing both fuel shortages and spikes in fuel prices along the Eastern Seaboard and in some southern states.
JBS, like Colonial, felt it had to pony up “to prevent any potential risk for our customers.” Risks as in cutting off their meat supply? Or cyberattack risks? Or both? Because the former happened; it’s too early to tell if the hackers are an ‘honorable’ bunch and won’t use any sensitive data they may have tapped to go after the operations of the companies JBS supplies.
“It’s a tough call to pay ransomware demands, but if the victim organization is covered by insurance, it’s a no brainer. Pay or suffer. So they’ll pay,” said Gurucul CEO Saryu Nayyar.
“We know that cybercriminals are running a business, and their goal is to make money. They target organizations they know can and will pay,” said Nayyar. “And they often base their ransom value on the victim’s cybersecurity insurance limits.”
And that means insurance companies will bear a good portion of the burden of paying up—for as long as they agree to do so, that is.
“This will definitely cause blowback, as insurance companies won’t be able to continue making ransomware payments at an escalating rate,” said Nayyar.
The answer, he contends, is backing up “everything, always;” placing a high priority on the business continuity plan.
That seems to be the tactic that Fujifilm took. The company confirmed an unauthorized access incident, discovered June 1, was indeed a ransomware attack and shut down all networks and servers “to determine the extent and the scale of the issue.”
The company, which makes processing technology for COVID-19 tests, found that the unauthorized access was “confined to a specific network in Japan,” and started to bring systems back up.
Sound familiar? Why, yes, it does. The attack and initial response mirrors those of other companies that have recently fallen victim to ransomware attacks. But with one big, huge, $11 million (or, in the case of Colonial Pipeline, $4.4 million) difference. Fujifilm did not pay the ransom. Instead, it restored systems from backups, according to reports.
A spokesperson was cited as saying, “Fujifilm Corporation in Tokyo does not comment on the demand, but I can confirm we have not paid any ransom.”
The spate of recent ransomware attacks that grabbed the nation’s and the world’s attention are a painful reminder of the downside and the vulnerabilities inherent in a connected world where the supply chain is long and varied. “Connect the dots. These are concerted threats to everyday living that demand an even more concerted defense,” said Hitesh Sheth, president and CEO at Vectra.
In other words, at least when taken at face value, be like Fujifilm.
External Link: Who Wore It Better? JBS Paid Ransom, Fujifilm Did Not