Financial Crime World

Cybersecurity Fears Grip Costa Rica as Conti Ransomware Group Wreaks Havoc

Costa Rica has been severely affected by a cyberattack carried out by the notorious Conti hacking group, with 27 government institutions impacted and nine significantly affected. The attack has disrupted foreign trade by shutting down customs and taxes platforms, prompting President Rodrigo Chaves to declare a state of national emergency on May 8.

The Attack

The Conti ransomware group, also known as “double- extortion” ransomware, is demanding $20 million in exchange for restoring access to affected systems. The group has already posted over 600GB of Costa Rican government data online and threatened to release more if the ransom is not paid.

Consequences

  • Disrupted foreign trade by shutting down customs and taxes platforms
  • Treasury department unable to pay staff, with civil servants advised to apply for salaries via email, paper, or hand
  • Potential impact on national economy and global trade

Cybersecurity Experts’ Concerns

  • The attack is a “stark warning” of the real-world damage that can be caused by cyberattacks, according to CEO of Defence.com Oliver Pinson-Roxburgh.
  • Cybersecurity experts warn against paying ransoms, as it funds other illicit activity and does not guarantee file recovery.

Identity-First Approach

  • Combining identity-first principles with least-privilege data access security to mitigate threats
  • Focusing on preventative solutions rather than reactive ones to ensure attacks are stopped before they can cause damage

Background

  • The Conti ransomware group has been linked to a group based near St Petersburg, Russia.
  • The US Department of State is offering up to $15 million as a reward for information on the Conti group.

Global Implications

  • Ransomware groups targeting critical organizations should be seen as a “learning curve” for every country and enterprise globally.
  • It is crucial to focus on preventative solutions rather than reactive ones to ensure attacks are stopped before they can cause damage.

Statistics

  • Over 1,000 victims of attacks associated with Conti ransomware, with payouts exceeding $150 million.