Costa Rica Declares A State Of Emergency Following Cyber Attacks

Uploaded on 2022-05-16 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

President Rodrigo Chaves of Costa Rica has declared a National State of Emergency due to an attack on government systems perpetrated by Russian-speaking cyber criminals. 

The attack began in April when the finance ministry was the first to report that a number of its systems were affected, including tax collection and customs. Attacks also targeted the social security agency’s human resources system and Ministry of Labour.

The hackers initially broke into the Finance Ministry on April 12, it said. They were able to spread to other agencies, including the Ministry of Science, Technology and Telecommunications and the National Meteorological Institute.

The Conti cyber crime group which has links to the Russian state, claimed responsibility for the incident. It is believed to be extorting the Costa Rica government for millions after rendering IT systems across several ministries and threatening to publish stolen data online. This included severely impacting the country’s foreign trade by disrupting its customs and taxes platforms.

The Conti group has since reportedly leaked 97% of the stolen data and is aiming to extort millions from the government by publishing stolen data online as well as rendering IT systems unusable across several ministries.
It is currently unclear whether there is any political motivation behind the attacks or if it is purely financial.
And recently the US State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.

The Costa Rican government has not reported an expansion of the attack, but some systems, especially at the Finance Ministry, still are not functioning normally. The government has also not made an estimate of the losses caused by the attack. The previous President of Costa Rica Carlos Alvarado was in office when the attacks began and he said Costa Rica would not pay the gang any ransom.

In a statement, the US State Department said the Conti group had been responsible for hundreds of ransomware incidents during the past two years. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

ABC:     USNews:     NBC:     Infosecurity Magazine:  Bleeping Computer:   Guardian:   Sky:    Sababa Security

You Might Also Read: 

Finland Hit By Cyber Attacks:

 

« Wanted: Access To Social Media Data
Threat Hunting Solutions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyber Security Associates (CSA)

Cyber Security Associates (CSA)

Cyber Security Associates provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

Continuum

Continuum

Continuum is the IT management platform company that allows Managed IT Services Providers to maintain and back up on-premise and cloud-based servers, desktops, mobile devices and other endpoints

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

Delta Risk

Delta Risk

Delta Risk is a global provider of managed security services and cyber security risk management solutions to government and private sector clients.

The Cyber Security Expert

The Cyber Security Expert

The Cyber Security Expert delivers cyber security consultancy, website and cloud security monitoring services, and specialist training services.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Bridewell

Bridewell

Bridewell provide cost effective Security & Risk Assurance Services across Information Security, Cyber Security, Technology Risk, Security Testing and Data Privacy.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

Techsolidity

Techsolidity

Techsolidity is an emerging e-learning platform that offers a wide range of upskilling programs worldwide in areas including cybersecurity.

Intuitive Research & Technology Corp

Intuitive Research & Technology Corp

Intuitive Research and Technology is an aerospace engineering and analysis firm providing services to the Department of Defense, government agencies, and commercial companies.

Rezonate

Rezonate

Rezonate discovers, profiles, and protects Identities and their entire access journey to cloud infrastructure and critical SaaS applications. Preventing and stopping cyberattacks.

B2Bcert

B2Bcert

B2BCERT one of the top companies offering ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 20000,CE Marking, HACCP, and other globally accepted standards and Management solutions.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.