Costa Rica Declares A State Of Emergency Following Cyber Attacks

President Rodrigo Chaves of Costa Rica has declared a National State of Emergency due to an attack on government systems perpetrated by Russian-speaking cyber criminals. 

The attack began in April when the finance ministry was the first to report that a number of its systems were affected, including tax collection and customs. Attacks also targeted the social security agency’s human resources system and Ministry of Labour.

The hackers initially broke into the Finance Ministry on April 12, it said. They were able to spread to other agencies, including the Ministry of Science, Technology and Telecommunications and the National Meteorological Institute.

The Conti cyber crime group which has links to the Russian state, claimed responsibility for the incident. It is believed to be extorting the Costa Rica government for millions after rendering IT systems across several ministries and threatening to publish stolen data online. This included severely impacting the country’s foreign trade by disrupting its customs and taxes platforms.

The Conti group has since reportedly leaked 97% of the stolen data and is aiming to extort millions from the government by publishing stolen data online as well as rendering IT systems unusable across several ministries.
It is currently unclear whether there is any political motivation behind the attacks or if it is purely financial.
And recently the US State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.

The Costa Rican government has not reported an expansion of the attack, but some systems, especially at the Finance Ministry, still are not functioning normally. The government has also not made an estimate of the losses caused by the attack. The previous President of Costa Rica Carlos Alvarado was in office when the attacks began and he said Costa Rica would not pay the gang any ransom.

In a statement, the US State Department said the Conti group had been responsible for hundreds of ransomware incidents during the past two years. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

ABC:     USNews:     NBC:     Infosecurity Magazine:  Bleeping Computer:   Guardian:   Sky:    Sababa Security

You Might Also Read: 

Finland Hit By Cyber Attacks:

 

« Wanted: Access To Social Media Data
Threat Hunting Solutions »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Gigasoft

Gigasoft

Gigasoft provide secure online data backup & cloud backup services for the education sector and businesses.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Dispersive Networks

Dispersive Networks

Dispersive Virtual Network is a carrier-grade software-defined programmable network that is inspired by battlefield-proven wireless radio techniques.

SAASPASS

SAASPASS

SAASPASS is a full-stack identity and access management solution, a single product which allows you to manage all your digital and physical access needs securely and conveniently.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

FirstWave Cloud Technology

FirstWave Cloud Technology

FirstWave Cloud Technology is a global cyber security company which has been delivering Cybersecurity-as-a-service solutions to the market since 2004.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

Secret Intelligence Service (SIS - MI6)

Secret Intelligence Service (SIS - MI6)

The UK’s Secret Intelligence Service, also known as MI6, has three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.

Xeliumtech Solutions

Xeliumtech Solutions

Xeliumtech Solutions are a Digital Transformation partner with quality offerings in Mobile App Development, Ecommerce, Devops, RPA, AI, IoT development, Cybersecurity and more.

Hopper Security

Hopper Security

The Future of Open-Source Risk Management Starts Here. We built Hopper to make sure you can harness the power of Open-Source safely and effectively.