Costa Rica Declares A State Of Emergency Following Cyber Attacks

Uploaded on 2022-05-16 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

President Rodrigo Chaves of Costa Rica has declared a National State of Emergency due to an attack on government systems perpetrated by Russian-speaking cyber criminals. 

The attack began in April when the finance ministry was the first to report that a number of its systems were affected, including tax collection and customs. Attacks also targeted the social security agency’s human resources system and Ministry of Labour.

The hackers initially broke into the Finance Ministry on April 12, it said. They were able to spread to other agencies, including the Ministry of Science, Technology and Telecommunications and the National Meteorological Institute.

The Conti cyber crime group which has links to the Russian state, claimed responsibility for the incident. It is believed to be extorting the Costa Rica government for millions after rendering IT systems across several ministries and threatening to publish stolen data online. This included severely impacting the country’s foreign trade by disrupting its customs and taxes platforms.

The Conti group has since reportedly leaked 97% of the stolen data and is aiming to extort millions from the government by publishing stolen data online as well as rendering IT systems unusable across several ministries.
It is currently unclear whether there is any political motivation behind the attacks or if it is purely financial.
And recently the US State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.

The Costa Rican government has not reported an expansion of the attack, but some systems, especially at the Finance Ministry, still are not functioning normally. The government has also not made an estimate of the losses caused by the attack. The previous President of Costa Rica Carlos Alvarado was in office when the attacks began and he said Costa Rica would not pay the gang any ransom.

In a statement, the US State Department said the Conti group had been responsible for hundreds of ransomware incidents during the past two years. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

ABC:     USNews:     NBC:     Infosecurity Magazine:  Bleeping Computer:   Guardian:   Sky:    Sababa Security

You Might Also Read: 

Finland Hit By Cyber Attacks:

 

« Wanted: Access To Social Media Data
Threat Hunting Solutions »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

NATO Communications and Information Agency (NCIA)

NATO Communications and Information Agency (NCIA)

The NCIA Cyber Security Service Line is responsible for planning and executing all life cycle management activities for cyber security.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Norwegian Center for Information Security (NorSIS)

Norwegian Center for Information Security (NorSIS)

NorSIS) is an independent organization that works to increase knowledge and understanding of information security for businesses and individuals.

Duo Security

Duo Security

Duo combines security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

TrueFort

TrueFort

TrueFort take an application-first approach that offers comprehensive protection for real-time visibility and analysis, protection and better communication across business, IT, and security teams.

GuardDog.ai

GuardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.