The Costa Rican government is in danger of being overthrown.
The Conti ransomware group, which lately attacked the Costa Rican government, recently said that it is aiming nothing less than to overthrow the government, according to a report from the Associated Press.
The ransomware group previously launched a cyberattack against the Costa Rican government in early May.
Conti Ransomware Threat Details
According to the Associated Press' article, the Russian ransomware gang was able to infiltrate the Costa Rican government, claiming that it had contacts within the government.
"We have our insiders in your government," the ransomware group said. "We are also working on gaining access to your other systems, you have no other options but to pay us."
The ransomware group also said that it is aware that the Costa Rican government has hired a data recovery specialist, warning the government against finding potential workarounds to Conti's attack.
It has also raised its monetary ransom from $10 million from the Ministry of Foreign Affairs of Costa Rica to $20 million to further increase the pressure on the Costa Rican government to pay the ransom.
Read More : Hackers are Exploiting a Patched Critical Vulnerability Affecting VPN Devices for Businesses, Zyxel Firewall
Costa Rica's newly elected president, Rodrigo Chaves, confirmed that the cyberattacks were coming from within and without the country, saying that them being at war with the Conti ransomware group is "not an exaggeration."
He also added that 27 Costa Rican government institutions, including municipalities and state-run facilities, were affected by the cyberattack.
Just Another For-Profit Hacker Group
Despite Conti's threats of overthrowing the Costa Rican government, one of Emisoft's ransomware analysts, Brett Callow, said that the group's threats are nothing but air, believing that the attack is simply a ruse to acquire more money, per Engadget.
"I believe this is simply a for-profit cyber attack," Callow said. "Nothing more."
However, Callow warns that Conti's threat of causing more disruption than they already have is "potentially real" and that there is no way of knowing how many government departments the ransomware group has already compromised but not yet encrypted.
The Extent and Effect of Conti's Attacks
BleepingComputer mentioned in its article that Costa Rica's Ministry of Finance was the first government office to be affected as a result of Conti's cyberattack. As of this time, the country's Finance Ministry is still unable to properly assess the scale of Conti's cyberattack or the extent of the damage it caused to taxpayers' information, payments, and customs systems.
The ransomware group also attacked Costa Rica's Ministerio de Hacienda, the Ministry of Labor and Social Security, the Social Development and Family Allowances Fund, and the Interuniversity Headquarters of Alajuela, SIUA.
The US State Department declared a $10 million bounty on Conti's key members due to their cyberattack "severely impacting the country's foreign trade by disrupting its customs and taxes platforms."
Brief Background of Conti
The Conti ransomware group, which is also known as Gold Ulrick, is a Russia-based transnational organized ransomware group and is one of the more active ones in recent history.
It has reportedly backed Russia's aggression toward Ukraine and has received ransom money worth $150 million from its victims. As a result, Conti's ransomware strain has become one of the most expensive ever seen.