Thursday, Mar 23, 2023

President Rodrigo Chaves says Costa Rica is at war with Conti hackers

President Rodrigo Chaves says Costa Rica is at war with Conti hackers

The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries.

Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.

The Conti ransomware cartel, which is thought to be run from Russia, has upped its ransom demand to $20m (£16m).

The criminals posted an appeal online to Costa Ricans to "go out on the street and demand payment".

Mr Chaves held a press conference on Monday to outline his "Plan for Implementation of Cyber-security Measures".

He gave no indication that he was planning on paying the ransom, in spite of growing disruption to government departments.

On Wednesday, the Costa Rican Treasury told civil servants that the hack had affected automatic payment services. It warned that they would not be paid on time, and would need to apply for their salaries by email, or on paper by hand.

The ministry said: "Due to the temporary downturn of the institutional systems, the service of issuing certificates regarding the amounts of salaries owed to the civil servants of the Central Administration is suspended.

"All applications received via email or in the windows of the National Accountancy will be attended to once systems are restored."

According to the government, the attacks also affected the country's foreign trade by hitting its tax and customs systems.

Mr Chaves launches his Plan for Implementation of Cyber-security Measures in response to the hack

The president, who was elected fewer than two weeks ago, declared the incident a "national emergency" and has repeatedly blamed his predecessor for not taking the cyber-attack seriously enough.

The hackers were demanding $10m when the attack started last month.

A government website says that a declaration of a state of emergency allows it, in exceptional cases, to undertake on its own some procedures that would normally require legislative approval.

For example, it allows the government to allocate public funds to deal with an emergency, without previous legislative consent.

"The attack being experienced by Costa Rica at the hands of cyber-criminals, cyber-terrorists, is declared a national emergency," Mr Chavez said, according to local media.

"We are signing this decree, precisely, to declare a state of national emergency across the entire public sector of the Costa Rican state, and allow our society to respond to those attacks as criminal actions."

The Conti hacking group has posted more than 600 gigabytes of government data online, and is threatening to publish more.

It has also posted on its darknet website that it will delete the decryption keys needed to restore the government's computer systems to normality, unless it is paid within a week.

"There is less than a week left when we destroy your keys, we are also working on gaining access to your other systems, you have no other options but to pay us," it threatened.

On its darknet website, Conti writes to the Costa Rican government: "You're forcing us to use terrible methods..."

And "terrible" is the word many cyber-security researchers are using to describe these new tactics the hackers are using to put pressure on the Costa Rican government to pay.

In the past, ransomware crews have attacked public bodies and local governments, but it is rare to see such a disruptive attack on a state.

It's also unprecedented to see such aggressive threats and direct appeals to Costa Ricans to "take to the streets".

The hackers also claim to have operatives on the inside of government - which may be unlikely but further piles the pressure on the president.

In some ways it all reads like desperation.

Conti has probably put a lot of work into its attack and it looks like it may come away empty-handed.

But it is also another terrible reminder of the power criminal hackers can wield, even against governments.

Conti is a prolific Russian speaking ransomware group responsible for many high-profile hacks.

In May 2021, the group carried out a "catastrophic hack" of the Irish Health Service.

On 6 May, the US offered a $10m reward for information about the group's leadership.

It blamed Conti for the cyber-attacks which hit Costa Rica.

Cyber-security researcher Maya Horowitz, of Check Point, says Costa Rica is not the only country to be targeted by criminals, who may be put off US organisations because of pressure from the authorities there.

"Recently we have seen two massive ransomware attacks in Costa Rica and Peru, both reportedly executed by the infamous Conti ransomware gang.

"Based on our latest research, Conti's extortion planning is very focused and based on the ability of the victim to pay," she added.

Mrs Horowitz said the research also suggested that the financial impact of a ransomware attack is "seven times higher than the initial extortion demand, but we assume in the case of a wide attack on a government like we see here, the total costs will be considerably more".

Watch: What is ransomware and how does it work?


Related Articles

Donald Trump arrested – Twitter goes wild with doctored pictures
NYPD is setting up barricades outside Manhattan Criminal Court ahead of Trump arrest.
Credit Suisse's Scandalous History Resulted in an Obvious Collapse - It's time for regulators who fail to do their job to be held accountable and serve as an example by being behind bars.
Paris Rioting vs Macron anti democratic law
'Sexual Fantasy' Assignment At US School Outrages Parents
The US government has charged Chinese businessman Guo Wengui with leading a $1 billion fraud scheme that cheated thousands of followers out of their money.
Credit Suisse to borrow $54 billion from Swiss central bank
Russian Hackers Preparing New Cyber Assault Against Ukraine
"Will Fly Wherever International Law Allows": US Warns Russia After Drone Incident
If this was in Tehran, Moscow or Hong Kong
TRUMP: "Standing before you today, I am the only candidate who can make this promise: I will prevent World War III."
Drew Barrymore
China is calling out the US, UK, and Australia on their submarine pact, claiming they are going further down a dangerous road
A brief banking situation report
Lady bites police officer and gets instantly reaction
We are witnessing widespread bank fails and the president just gave a 5 min speech then walked off camera.
Donald Trump's asked by Tucker Carlson question on if the U.S. should support regime change in Russia?.
Silicon Valley Bank exec was Lehman Brothers CFO
Elon Musk Is Planning To Build A Town In Texas For His Employees
The Silicon Valley Bank’s collapse effect is spreading around the world, affecting startup companies across the globe
City officials in Berlin announced on Thursday that all swimmers at public pools will soon be allowed to swim topless
Fitness scam
Market Chaos as USDC Loses Peg to USD after $3.3 Billion Reserves Held by Silicon Valley Bank Closed.
Senator Tom Cotton: If the Mexican Government Won’t Stop Cartels from Killing Americans, Then U.S. Government Should
Banking regulators close SVB, the largest bank failure since the financial crisis
Silicon Valley Bank: Struggles Threaten Tech Startup Ecosystem"
Man’s penis amputated by mistake after he’s wrongly diagnosed with a tumour
In a major snub to Downing Street's Silicon Valley dreams, UK chip giant Arm has dealt a serious blow to the government's economic strategy by opting for a US listing
It's the question on everyone's lips: could a four-day workweek be the future of employment?
Is Gold the Ultimate Safe Haven Asset in Times of Uncertainty?
Spain officials quit over trains that were too wide for tunnels...
Corruption and Influence Buying Uncovered in International Mainstream Media: Investigation Reveals Growing Disinformation Mercenaries
Givenchy Store in New York Robbed of $50,000 in Merchandise
European MP Clare Daly condemns US attack on Nord Stream
Former U.S. President Carter will spend his remaining time at home and receive hospice care instead of medication
Tucker Carlson called Trump a 'demonic force'
Kamala Harris: "The United States has formally determined that Russia has committed crimes against humanity."
US Joins 15 NATO Nations in Largest Space Data Collection Initiative in History
White House: No ETs over the United States
U.S. Jet Shoots Down Flying Object Over Canada
Nord Stream terror attack: David Sacks breaks down Sy Hersh's story
Being a Tiktoker might be expensive…
Miracle: El Salvador Search and Rescue teams, with the support of Turkish teams, rescued a woman and a child from the rubble 150 hours after the earthquake
SpaceX, the private space exploration company, made a significant breakthrough in their mission to reach space.
China's top tech firms, including Alibaba, Tencent, Baidu, NetEase, and, are developing their own versions of Open AI's AI-powered chatbot, ChatGPT
This shocking picture, showing how terrible is the results of the earthquake in Turkey
President Joe Biden delivered the 2023 State of the Union Address , in order to help Americans that missed the 2022 speech, do not have internet, and suffer from short memory.
The desk of King Carlos Alberto of Sardinia has many secret compartments
Today's news from Britain - 9th February 2023
China has declined the US's request for Defense Secretary Lloyd Austin to speak with Chinese Defense Minister Wei Fenghe after the US Air Force shot down a suspected Chinese spy balloon, according to the Pentagon