The FBI identified Russia-linked ransomware group REvil on Wednesday as the entity responsible for the cyberattack that forced key US meat producer JBS to shut down all of its beef plants, according to a report.
"We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice," the FBI said in a statement. "We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable."
REvil is also known as Sodinokibi. The White House previously said a criminal group likely based in Russia was thought to be responsible for the hack.
President Biden said his administration was "looking closely" at the possibility of retaliatory action toward Russia following the JBS hack and a previous cyberattack by a different Russia-linked group that affected the Colonial Pipeline. When asked if he felt that Russian President Vladimir Putin was testing his administration, Biden said no.
IronNet Cybersecurity SVP Jamil Jaffer provides insight into the series of recent cyberattacks in the U.S.
Biden is expected to discuss the recent surge in cyberattacks during a summit meeting with Putin later this month.
In an update on Tuesday night, JBS USA said it had made "significant progress" in its efforts to resolve the cyberattack. CEO Andre Nogueira said he expected the "vast majority" of JBS plants to be operational by Wednesday.
JBS’ beef plants are responsible for roughly one-quarter of the country’s processing capacity. The company said it was "able to ship product from nearly all of its facilities to supply customers" on Tuesday despite the interruption to its operations.
This story has been updated.