Costa Rica Declares A State Of Emergency Following Cyber Attacks

President Rodrigo Chaves of Costa Rica has declared a National State of Emergency due to an attack on government systems perpetrated by Russian-speaking cyber criminals. 

The attack began in April when the finance ministry was the first to report that a number of its systems were affected, including tax collection and customs. Attacks also targeted the social security agency’s human resources system and Ministry of Labour.

The hackers initially broke into the Finance Ministry on April 12, it said. They were able to spread to other agencies, including the Ministry of Science, Technology and Telecommunications and the National Meteorological Institute.

The Conti cyber crime group which has links to the Russian state, claimed responsibility for the incident. It is believed to be extorting the Costa Rica government for millions after rendering IT systems across several ministries and threatening to publish stolen data online. This included severely impacting the country’s foreign trade by disrupting its customs and taxes platforms.

The Conti group has since reportedly leaked 97% of the stolen data and is aiming to extort millions from the government by publishing stolen data online as well as rendering IT systems unusable across several ministries.
It is currently unclear whether there is any political motivation behind the attacks or if it is purely financial.
And recently the US State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.

The Costa Rican government has not reported an expansion of the attack, but some systems, especially at the Finance Ministry, still are not functioning normally. The government has also not made an estimate of the losses caused by the attack. The previous President of Costa Rica Carlos Alvarado was in office when the attacks began and he said Costa Rica would not pay the gang any ransom.

In a statement, the US State Department said the Conti group had been responsible for hundreds of ransomware incidents during the past two years. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

ABC:     USNews:     NBC:     Infosecurity Magazine:  Bleeping Computer:   Guardian:   Sky:    Sababa Security

You Might Also Read: 

Finland Hit By Cyber Attacks:

 

« Wanted: Access To Social Media Data
Threat Hunting Solutions »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Bob's Business

Bob's Business

Bob's Business adopts a fresh approach to information security awareness and compliance training, delivering key information through the use of short animated movies.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

ThreatBook

ThreatBook

ThreatBook is dedicated to providing real-time, accurate and actionable threat intelligence to block, detect and prevent attacks.

infySEC

infySEC

InfySEC is an information security services organization offering Security Technology services, Security Consulting, Security Training, Research & Development.

TruNarrative

TruNarrative

TruNarrative provides a unified solution for Identity Verification, Fraud Detection, eKYC, Risk Assessment, AML Compliance and Account Monitoring.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

neoEYED

neoEYED

neoEYED helps banks and fintech to detect and prevent frauds using a Behavioral AI that recognizes the users just by looking at “how” they interact with the applications.

TCS Forensics

TCS Forensics

TCS Forensics is Canada’s premier digital forensic, cyber investigation, and security firm.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

Battery Ventures

Battery Ventures

Battery partners with talented founders and teams building category-defining businesses at all stages of growth.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

Verinext

Verinext

Verinext delivers transformative business technology, from intelligently automating time-consuming tasks and protecting data assets to securing infrastructure and improving customer experiences.