Hackers from Conti (the most powerful cybercriminal group in the world) have gone after Costa Rica. Several government agencies were affected. The country is currently in a chaotic situationwhich pushes the president-elect on Sunday May 8, 2022, Rodrigo Chaves, to declare a state of national emergency.
672 GB of data stolen from government agencies
Conti’s cybercriminals have already released 97% of the 672 GB of data stolen from government agencies across the country. According to several sources and the statements of the new president, the public body that has suffered the most from Conti’s cyberattacks is the Ministry of Finance. The latter has also still not assessed the extent of the security incident or the extent to which taxpayer information was affected. Another body affected: the country’s public health agency, the Costa Rican Social Security Fund (CCSS).
Pro-Ukrainian hackers attack the Russian government
BleepingComputer provided a non-exhaustive list of government agencies affected during the Conti attacks. We find: the Ministry of Finance of Costa Rica, the Ministry of Labor and Social Security, the Fund for Social Development and Family Allowances, the University Headquarters of Alajuela, the Administrative Council of the Electrical Service of the Province of Cartago , the Ministry of Science, Innovation, Technology and Telecommunications, the National Institute of Meteorology… In short, most of the organs of the country are concerned.
Costa Rican President Rodrigo Chaves intends to defend himself well
The leaked data has not yet been fully analyzed, but an early look at a small subset of this data shows source code and SQL databases that appear to come from government websites. Conti claimed responsibility for the cyberattacks and even threatens to carry out future attacks “in a more serious form”. This situation therefore prompted Rodrigo Chaves, the new president of Costa Rica, to describe the state of national emergency.
He is pointing out that “the attack that Costa Rica is currently experiencing from cybercriminals, is declared a national emergency and we are signing this decree, precisely, to declare a state of national emergency in the entire public sector of the Costa Rican state and allow our society to respond to these attacks as criminal acts”. Since April 18, 2022, the digital services of the Public Treasury have been unavailable, which paralyzes the entire economy of the country.
The president seems determined to defend himself. He can probably count on the help of the American Department of State, which has undertaken to offer 10 million dollars for any information on the identity and location of Conti’s cybercriminals. As well as an additional $5 million bounty for information leading to the arrest and/or conviction of the individuals responsible for these attacks. Conti’s hackers are affiliated with Russian-speaking organizations and have proudly shown their support for Russia in the war in Ukraine. It is therefore not surprising to see the United States come to the aid of Costa Rica.