U.S. authorities have attributed the attack on Brazil-based meat processor JBS to hackers believed to be tied to Russia and said U.S. investigators are working "diligently" to bring the group to justice.
Investigators have attributed the JBS attack to REvil and Sodinokibi, an FBI statement said, urging anyone who is the victim of a cyberattack to contact the bureau immediately.
REvil and Sodinokibi are two names for the same hacking group with ties to Russia, according to cybersecurity experts quoted in U.S. media reports.
The White House said earlier that a criminal group likely based in Russia was thought to be responsible for the hack on JBS, the world's largest meat processor.
Spokeswoman Jen Psaki said on June 2 that a review was under way to consider how to respond and no options had been taken off the table. Washington is in direct touch with Russia "to convey our concerns about these reports," Psaki said.
She added that the hack is expected be discussed at the summit on June 16 between U.S. President Joe Biden and Russian President Vladimir Putin.
"President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks," Psaki said.
The attack was first reported on June 1 and targeted servers supporting JBS’s operations in North America and Australia. The affected processing plants are expected to return to full capacity in the next couple days, said officials with the United Food and Commercial Workers international union.
JBS said on June 1 that it had made "significant progress in resolving the cyberattack."
The FBI and the White House declined to comment on the ransom, and it is not known whether JBS paid one.
The cyberattack followed a ransomware attack last month on Colonial Pipeline, the largest pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast. A group with ties to Russia was behind that attack, which ended when the company paid $4.4 million to the hackers.
Ransomware is a type of hack in which a victim's digital data are encrypted, rendering them unusable until the targeted company pays the ransom.