Ransom payment from slaughterhouse operator in Arizona and other states attracts attention from Congress

The chair of a congressional committee has requested internal documents from the world’s largest beef processor after the company disclosed it paid an $11 million ransom over a cybercrime attack that closed slaughterhouses in Arizona and other states.

Rep. Carolyn B. Maloney, D-New York, chairwoman of the House Committee on Oversight and Reform, sent a letter to Andre Nogueira, CEO of JBS Foods USA, requesting documents related to the company’s payment to a cybercriminal group. The May 30 attack temporarily idled nine beef slaughterhouses, including one in Tolleson where most of the company’s more than 1,800 Arizona employees work.

The FBI said the Russian cybercrime group REvil was responsible for the attack.

The $11 million paid by JBS in Bitcoin was almost three times the $4.4 million ransom forked over by Colonial Pipeline in early May to resolve an attack that slowed the shipment of fuel in the eastern United States. The FBI on June 7 said it recovered $2.3 million of that payment. Biden Administration officials recently cited cybersecurity as an urgent national security threat.

“Any ransom payment to cybercriminal actors like REvil sets a dangerous precedent that increases the risk of future ransomware attacks,” Maloney wrote in the letter. “Congress needs detailed information about the attack to legislate effectively on ransomware and cybersecurity in the United States.”

Maloney's June 10 letter requests information including communications with the attackers and details of the company's Bitcoin transactions.

Ransom followed plant reopenings

JBS on June 9 acknowledged that it paid $11 million in Bitcoin "to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”

The payment was made after slaughterhouse operations and food production had resumed. “We felt this decision had to be made to prevent any potential risk for our customers,” said Nogueira, in a prepared statement.

On June 3, the company said that all of its global facilities were fully operational after the attack, limiting its losses to less than one day’s worth of food production.

JBS USA said it was able to resolve issues at that time thanks to its cybersecurity protocols, redundant computer systems and backup servers. The company said it spends more than $200 million annually on information technology and employs more than 850 professionals globally in the field.

Pay, pandemic pressures

Also, this week, JBS USA announced it is investing more than $130 million to increase beef production capacity while offering more than $150 million in annualized pay increases to workers across its nine beef plants, including Tolleson.

JBS USA also said it has provided more than $150 million in annualized wage increases over the past 12 months plus more than $71 million in short-term incentives and non-permanent bonuses to its U.S. beef workforce during the pandemic. Hourly beef workers at JBS USA now earn average pay of more than $22 an hour, the company said, and many are eligible for two years of company-paid college tuition for themselves and dependent children.

Reach the reporter at russ.wiles@arizonarepublic.com.

Support local journalism. Subscribe to azcentral.com today.