{"id":7536,"date":"2021-06-16T20:21:40","date_gmt":"2021-06-17T03:21:40","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=7536"},"modified":"2023-04-05T12:40:02","modified_gmt":"2023-04-05T19:40:02","slug":"revil-brings-down-jbs-the-worlds-largest-meat-packer","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/revil-brings-down-jbs-the-worlds-largest-meat-packer\/","title":{"rendered":"REvil Brings Down JBS\u2014the World\u2019s Largest Meatpacker"},"content":{"rendered":"

REvil ransomware<\/a> uses six vulnerabilities to target its victims. If these had been remediated and patched on priority, JBS\u2014the world\u2019s largest meatpacker\u2014could have escaped this attack. <\/strong><\/p>\n

Securin warned about these vulnerabilities in its Ransomware Spotlight Report published in February 2021.<\/strong><\/p><\/blockquote>\n

On May 30, 2021, JBS, the world\u2019s largest meat producer, fell victim to a REvil ransomware attack<\/a> forcing the company to shut down its operations in the US, Canada, and Australia. This disruption to the food and meat industry halted cattle slaughter and resulted in increased meat prices during the Memorial Day weekend in the US. It also stopped beef production in Canada and Australia, and it took around a week to restore operations.<\/p>\n

\n

Sources indicate that an APT group named Pinchy Spider (from Russia) might be behind this attack.<\/p>\n<\/blockquote>\n

We know that attackers are going after critical sectors such as food, manufacturing, energy, and oil & gas to create the maximum disruption and collect millions of dollars as ransom. Colonial Pipeline paid over $5 million to its attackers to restore the gasoline supply. CNA Financial paid a whopping $40 million\u2014<\/strong> one of the largest ransomware payments to date. The FBI recovered $2.3 million\u2014<\/strong>about half of the ransom paid by Colonial Pipeline\u2014<\/strong>after gaining access to the bitcoin account where the money was deposited. Most recently, JBS paid an $11 million ransom<\/a> to attackers to protect its customers and resume operations.<\/p>\n

\n

Most ransomware gangs like REvil<\/a> are going after organizations whose supply chain, if affected, can cause widespread panic and chaos.<\/p>\n<\/blockquote>\n

REvil has so far attacked the Telecom website of Sri Lanka<\/a>, Fujifilm<\/a> in Japan, and Sol Oriens<\/a>, a nuclear weapons subcontractor to the US Department of Energy, just in the month of May 2021, and it will continue to go after critical entities that would not hesitate to pay the ransom. The latest in the spate of attacks by REvil is a cyberattack on Invenergy<\/a>, a renewable energy company based in the US, and on Grupo Fleury<\/a>, the largest medical diagnostics company in Brazil. A $5 million ransom has been supposedly demanded in the latter.<\/p>\n

Securin’s analysts delved deep into the vulnerabilities the group goes after and provide actionable insights that would help organizations stay safe from these types of attacks.<\/strong><\/p>\n

All about REvil<\/h2>\n

REvil ransomware gangs typically target six vulnerabilities, and incidentally, all of them are featured in Securin\u2019s Ransomware report<\/a> published in February 2021.<\/p>\n