Costa Rica’s public health system is down

Costa Rica has suffered for several weeks a massive cyberattack orchestrated by the Russian hackers of Conti. This time it’s the turn of country’s public health system to be affected. A ransomware dubbed “Hive” forced the Costa Rican social security take their systems offline.

Costa Rica is not making it

In a statement on Twitter, CCSS (Caja Costarricense de Seguro Social) said the attack began early Tuesday morning and an investigation is ongoing. The institution specifies that the Hive ransomware has been deployed on at least 30 of the 1,500 government servers and that it is impossible to estimate the recovery time. Some CCSS employees said they were told by management to shut down their computers after the printers started outputting strange documents. An attack which occurs while the country is still in a state of national emergency.

In the same category

Workers behind a computer.

Microsoft will train 10,000 cybersecurity professionals in France within 3 years

For several weeks, many government institutions have been affected by attacks. We find in particular the Ministry of Finance of Costa Ricathe Ministry of Labor and Social Security, the Social Development and Family Allowance Fund, the University Headquarters of Alajuela, the Administrative Council of the Electric Service of the Province of Cartago, the Ministry of Science, Innovation , technology and telecommunications, the National Institute of Meteorology… In short, most of the country’s bodies are concerned.

Conti teams up with other cybercriminals

Conti hackers, backed by the Russian state, are pressuring the government to pay the ransom ($20 million). They specify that “we are determined to overthrow the government by means of a cyberattack, we have already shown you all our strength and power”. According to cybersecurity experts who worked on the CCSS attack, Conti hackers may have accompanied hackers behind Hive ransomware. It may even be a way of “change brand” in order to escape international sanctions.

Conti is at an impasse. Because of his public allegiance to Russia in the early days of the Russian invasion of Ukraine, the group may have to shut down. In an attempt to survive, hackers have formed alliances with other groups, including Hive, a gang behind ransomware as a service (RaaS) software, whose hackers have been active since at least June 2021. Given Conti’s position, it’s no wonder that this attack is attributed to other cybercriminals.

ttn-4