On Sunday, May 8, the Costa Rican President, Rodrigo Chavez, declared a state of national cybersecurity emergency following multiple ransomware attacks targeting several government bodies. The attacks – attributed to the Russian gang Conti – started in the second half of April, shortly after the President took office.
The Ministry of Finance was the first to suffer damage. A number of its platforms have been affected, from tax collection to importation and exportation. With Costa Rica exporting a daily average of $38 million in products, the cyber-attack had a major impact on its foreign trade: because of a forced shutdown of the activities, the country’s import and export logistics collapsed, with many delays at borders due to the fact that operations had to be carried out manually.
In the following days, the victims were multiplying: among others, the Ministry of Labour and Social Security, the Ministry of Science, Innovation, Technology and Telecommunications, and the National Meteorological Institute.
Conti demanded a ransom of $10 million in exchange for not releasing stolen information, but Costa Rica has declined to pay. According to the latest news, Conti declared to have leaked 97% of 672 GB data stolen from the government agencies.
Image taken from www.bleepingcomputer.com
The Costa Rica ransomware attack demonstrates that it is high time to level up cybersecurity skills across government bodies around the world. Moreover, when impacting on developing nations, such incidents can potentially be as serious as a military action or a natural disaster.
Ransomware and other digital threats are making government infrastructures vulnerable as never before: from financial bodies to police departments, many public agencies have suffered successful cyberattacks in recent years with devastating consequences.
Therefore, there is an urgent need to change approach, thus considering investment in cybersecurity – both in terms of people and technology – as a strategic defensive shield.
According to the Clusit Report 2022, malware and ransomware are still the main attack techniques used by malicious actors, accounting for 41% of cases. In particular ransomware, with its double and triple extortion, is capable of bringing even the most structured of organisations to its knees.
Here are a few tips on how to prevent a ransomware attack:
|_ga||2 years||The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.|
|_gat_gtag_UA_150416163_1||1 minute||Set by Google to distinguish users.|
|_gid||1 day||Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.|
|pardot||past||The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking.|
|visitor_id909942-hash||10 years||No description|
|lpv909942||30 minutes||No description|
|visitor_id909942||10 years||No description|