Financial Crime World

Here is the rewritten article in markdown format:

Costa Rica Hit by Widespread Cyberattacks, Financial Institutions Among Targets

A Devastating Wave of Cybercrime Strikes Costa Rica

A devastating wave of cybercrime has struck Costa Rica, with at least 27 government institutions and financial bodies falling prey to ransomware attacks. The first attack was launched on April 17, 2022, followed by a second wave on May 31.

The Conti Group’s Initial Assault

The Conti Group, believed to be based in Russia, is suspected of orchestrating the initial assault, which targeted Microsoft-based servers operated by the Costa Rican government. The attackers demanded a ransom of $20 million in exchange for not releasing sensitive information stolen from the Ministry of Finance.

Second Wave: Hive Group’s Attack

The second attack, attributed to the Hive Group also allegedly based in Russia, targeted the Costa Rican Social Security Fund. The fund was forced to shut down all critical systems, including medical records and payment systems.

Government Response

The Costa Rican government refused to pay the ransom demands, labeling the hackers “terrorist groups.” President Rodrigo Chaves declared a national emergency on May 8, stating that Costa Rica was “at war” with the hackers. The government received technical assistance from Microsoft and other international partners to restore its services.

Impact of the Attacks

The attacks resulted in significant economic losses, with an estimated $125 million lost in the first 48 hours following the assault. Tax and customs systems were paralyzed, and health officials were unable to access medical records.

Lessons Learned

As one expert noted, “Costa Rica’s experience serves as a stark reminder of the ongoing threat posed by ransomware attacks. The country’s refusal to pay the ransom only added to its woes, highlighting the need for robust cybersecurity measures and international cooperation in combating these threats.”

Conclusion

The Costa Rican government’s refusal to pay the ransom demanded by the attackers has had significant consequences, with an estimated $125 million lost in the first 48 hours following the assault. The attacks serve as a stark reminder of the ongoing threat posed by ransomware attacks and highlight the need for robust cybersecurity measures and international cooperation in combating these threats.