DETROIT — The world’s largest meat processing company has resumed most production after a weekend cyberattack, but experts say the vulnerabilities exposed by this attack and others are far from resolved.
In a statement late Wednesday, the FBI attributed the attack on Brazil-based meat processor JBS SA to REvil, also known as Sodinokibi, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months. The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.
REvil has not posted anything related to the hack on its dark web site. But that’s not unusual. Ransomware syndicates as a rule don’t post about attacks when they are in initial negotiations with victims — or if the victims have paid a ransom.
In October, a REvil representative who goes by the handle “UNKN” said in an interview published online that the agriculture sector would now be a main target for the syndicate. REvil also threatened to auction off sensitive data stolen from victims who refused to pay it.
The attack targeted servers supporting JBS’s operations in North America and Australia….
