The Conti ransomware launched cyberattacks on Costa Rica's government bodies, prompting President Rodrigo Chaves to declare a state of emergency.
It was on Sunday, May 8, that Chaves signed the declaration into law. On the same day, he became the country's 49th and current president. Chaves is an economist and was the country's Minister of Finance before that.
Cyberattacks in Costa Rica
The Conti ransomware cyberattacks made enough breaches into the public agencies of Costa Rica that prompted President Oscar Chaves to sign a national emergency declaration on Sunday, May 8.
According to BleepingComputer, Costa Rica's President, accompanied by Minister of Presidency Natalia Daz and Minister of Science, Innovation, Technology, and Telecommunications (MICITT) Carlos Alvarado, declared a national emergency, stating that: "The attack that Costa Rica is suffering from cybercriminals and cyberterrorists is declared a national emergency and we are signing this decree, precisely, to declare a state of national emergency in the entire public sector of the Costa Rican State and allow our society to respond to these attacks as criminal acts."
President Chaves added that the state of emergency declaration is for the country to be able to defend itself against the criminal attack that cybercriminals are waging against them.
The Ministry of Finance was the first public entity to incur damage as a result of Conti's cyberattack, and it has yet to properly assess the scale of the security incident or the extent to which taxpayers' information, payments, and customs systems have been damaged.
The cyberattacks also got into the Costa Rican Finance Ministry, Ministerio de Hacienda, the Ministry of Labor and Social Security, the Social Development and Family Allowances Fund, and the Interuniversity Headquarters of Alajuela, SIUA.
Conti had previously requested a $10 million ransom from the Ministry of Foreign Affairs of Costa Rica, which the government refused to meet.
The Costa Rican Social Security Fund (CCSS), the country's public health institution, has previously said that a perimeter security review is being carried out on the Conti Ransomware, in order to check and prevent possible attacks at the CCSS level.
Conti Ransomware
Conti is a Russia-based transnational organized ransomware group, which is also popularly known as Gold Ulrick and is one of the most active ransomware actors. It has continued to attack businesses around the world while also growing its empire by taking over TrickBot and running data-extortion side businesses.
Conti has reportedly backed the Russian government's aggression toward Ukraine. As of January 2022, it has been reported that Conti has affected more than 1,000 organizations and paid out more than $150 million to his victims.
As reported by The Hacker News, due to the intensity of damage that the Russian hackers have caused internationally, the U.S. State Department recently announced that those who provide information that leads to the identification of key members of the Conti ransomware group will be eligible for prizes of up to $10 million.
A further $5 million has been offered for intelligence information that could lead to the arrest or conviction of anyone who is collaborating with or seeking to link themselves with the organization in a ransomware attack.
By far, the Russian cyber group has become one of the most expensive strains of ransomware ever seen.