On Sunday, May 8, the Costa Rican President, Rodrigo Chavez, declared a state of national cybersecurity emergency following multiple ransomware attacks targeting several government bodies. The attacks – attributed to the Russian gang Conti – started in the second half of April, shortly after the President took office.
The Ministry of Finance was the first to suffer damage. A number of its platforms have been affected, from tax collection to importation and exportation. With Costa Rica exporting a daily average of $38 million in products, the cyber-attack had a major impact on its foreign trade: because of a forced shutdown of the activities, the country’s import and export logistics collapsed, with many delays at borders due to the fact that operations had to be carried out manually.
In the following days, the victims were multiplying: among others, the Ministry of Labour and Social Security, the Ministry of Science, Innovation, Technology and Telecommunications, and the National Meteorological Institute.
Conti demanded a ransom of $10 million in exchange for not releasing stolen information, but Costa Rica has declined to pay. According to the latest news, Conti declared to have leaked 97% of 672 GB data stolen from the government agencies.
Image taken from www.bleepingcomputer.com
The Costa Rica ransomware attack demonstrates that it is high time to level up cybersecurity skills across government bodies around the world. Moreover, when impacting on developing nations, such incidents can potentially be as serious as a military action or a natural disaster.
Ransomware and other digital threats are making government infrastructures vulnerable as never before: from financial bodies to police departments, many public agencies have suffered successful cyberattacks in recent years with devastating consequences.
Therefore, there is an urgent need to change approach, thus considering investment in cybersecurity – both in terms of people and technology – as a strategic defensive shield.
According to the Clusit Report 2022, malware and ransomware are still the main attack techniques used by malicious actors, accounting for 41% of cases. In particular ransomware, with its double and triple extortion, is capable of bringing even the most structured of organisations to its knees.
Here are a few tips on how to prevent a ransomware attack: