Colonial Pipeline could face a $1 million fine for safety violations that had a role in the 2021 cyberattack
May 12, 2022
Sababa Security supported the Italian Team in Locked Shields 2022 – the largest and most complex international live-fire cyber defence exercise
May 17, 2022
On Sunday, May 8, the Costa Rican President, Rodrigo Chavez, declared a state of national cybersecurity emergency following multiple ransomware attacks targeting several government bodies. The attacks – attributed to the Russian gang Conti – started in the second half of April, shortly after the President took office.
The Ministry of Finance was the first to suffer damage. A number of its platforms have been affected, from tax collection to importation and exportation. With Costa Rica exporting a daily average of $38 million in products, the cyber-attack had a major impact on its foreign trade: because of a forced shutdown of the activities, the country’s import and export logistics collapsed, with many delays at borders due to the fact that operations had to be carried out manually.
In the following days, the victims were multiplying: among others, the Ministry of Labour and Social Security, the Ministry of Science, Innovation, Technology and Telecommunications, and the National Meteorological Institute.
Conti demanded a ransom of $10 million in exchange for not releasing stolen information, but Costa Rica has declined to pay. According to the latest news, Conti declared to have leaked 97% of 672 GB data stolen from the government agencies.
Image taken from www.bleepingcomputer.com
A rallying call
The Costa Rica ransomware attack demonstrates that it is high time to level up cybersecurity skills across government bodies across the globe. Moreover, when impacting on developing nations, such incidents can potentially be as serious as a military action or a natural disaster.
Ransomware and other digital threats are making government infrastructures vulnerable as never before: from financial bodies to police departments, many public agencies have suffered successful cyberattacks in recent years with devastating consequences.
Therefore, there is an urgent need to change approach, thus considering investment in cybersecurity – both in terms of people and technology – as a strategic defensive shield.
How to prevent ransomware attacks?
According to the Clusit Report 2022, malware and ransomware are still the main attack techniques used by malicious actors, accounting for 41% of cases. In particular ransomware, with its double and triple extortion, is capable of bringing even the most structured of organisations to its knees.
Here are a few tips on how to prevent a ransomware attack:
- Train your employees. Human factor still accounts for a staggering number of data breaches around the world: according to our latest report, 21 out of 100 users make insecure actions, including clicking the links, downloading the attachments, and submitting credentials to fraudsters. Empowering your employees to recognize common cyber threats can be vital to your organisation.
- Constantly monitor and assess your security posture. A robust security posture enables organisations to promptly respond to cybersecurity threats, thus preventing malware intrusions, data breaches and other attacks. By constantly monitoring IT assets, the attack surface will be considerably reduced.
- Be ready with an emergency plan. Security incidents happen anyway. However, the severity of the security incident disruption depends on how well prepared the attacked company is. To contain the incident and restore business activity as quickly as possible with minimal consequences for the company, it is worth having a security emergency plan prepared in advance.
