Tuesday, April 16, 2024

Costa Rica has declared a state of emergency due to a hacker attack on state institutions

The president of the Central American state of Costa Rica declared a state of emergency this weekend because the Conti ransomware attacked several government agencies and ministries


2 min read

The blackmailing malware Conti has been around since 2020 and is believed to be distributed by a Russian group of hackers. The United States has responded to this threat by announcing a reward to anyone who has any information about them.

If you report any information to US authorities that would help identify the leaders of this hacker group, you can get $ 10 million. In the event that the information leads to the arrest of individuals who cooperate with them, the potential reward is $ 5 million.

Big attack on Costa Rica
Almost at the same time, the ruling structures of Costa Rica found out about the dangers of this ransomware in a more challenging way. In recent weeks, their state institutions and agencies and at least two ministries have fallen victim to the Conti attack.

Hackers threat
Hackers threat

In addition to making it impossible or difficult for these institutions to work, hackers managed to steal huge amounts of data from them – as much as 672 gigabytes. Of that, about 97% has already been posted on publicly available servers after the Treasury Department refused to pay a $ 10 million ransom.


For this reason, the newly elected President of Costa Rica, Rodrigo Chaves, had to, immediately after taking office, declare a state of emergency at the level of the entire public sector. Namely, since April 18, digital services of the state treasury, such as signing documents, have been entirely unavailable, making it impossible for many economic entities to do business.

“We have signed this decree so that the country can defend itself against attacks by cybercriminals. This is an attack on our homeland, and we have passed a decree to defend ourselves better,” said President Chaves, declaring a state of emergency.

Experts link the attack to the Wizard Spider group, which communicates in Russian, and has previously been linked to attacks on other malware strains, such as Ryuk, TrickBot, or BazarLoader.







Dudescode.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com