The REvil behind the JBS ransomware attack: FBI


Officials blamed REvil/Sodinokibi for the attack and said they are working to bring the threat actors to justice.

The FBI attributed the recent ransomware attack against meat supplier JBS to the “REvil and Sodinokibi” ransomware, and listed two names commonly used to describe the same threat.

REvil, also known as Sodinokibi, was first discovered in April 2019, and has since become a major ransomware-as-a-service threat targeting corporate organizations. Earlier this year, Kaspersky reported that the organization asked for the highest ransom in 2021.

JBS determined that it was the victim of a cyber attack on May 30; White House officials later confirmed that this was a ransomware attack and blamed it on “a criminal organization that may be located in Russia.” Officials said in a press release that disclosed the attack that the attack affected some servers supporting JBS’s North American and Australian IT systems, but did not affect its backup servers.

FBI officials wrote in a press release: “We attribute the JBS attacks to REvil and Sodinokibi, and are working to bring threat actors to justice.” “We will continue to focus on imposing risks and consequences, and Hold responsible cyber actors accountable.” Organizations that are victims of cyber attacks are encouraged to contact the FBI.

On the same day the news of the FBI attribution came out, Anne Neuberger, Deputy Assistant to President Joe Biden and Deputy National Security Advisor for Cyber ​​and Emerging Technologies, issued an open letter to corporate organizations urging them to take measures to prevent ransomware because of The number and scale of software incidents have increased significantly.”

Although ransomware has become a greater concern at the federal level, Neuberger discussed how the private sector also has a responsibility to guard against such threats. She urged companies to implement the practices in the recent executive order: back up data, system images and configurations, test them and keep them offline; update and patch systems; test incident response plans; split their networks; and test their systems Security.

Read the full FBI statement and Neuberger’s full open letter for more information.

Dark Reading’s Quick Hits briefly introduced the importance of breaking news events. For more information about the original source of this news, please click on the link provided in this article.View the complete bio

Recommended reading:

More insights

Related Articles

Back to top button