Financial Crime World

CYBERCRIME EPIDEMIC STRIKES COSTA RICA: GOVERNMENT REFUSES TO PAY $20 MILLION RANSOM DEMAND

Devastating Wave of Cyberattacks Cripples Costa Rica’s Public Institutions

Costa Rica has been reeling from a severe wave of cyberattacks that has caused an estimated $125 million in economic losses. The attacks, carried out by the Conti Group, a Russian-based ransomware gang, began on April 17 and targeted several public institutions.

The Attacks: A Timeline

  • April 17: The Virtual Tax Administration (ATV) and the Customs Information System (TICA) were attacked.
  • April 19: The website of the Ministry of Science, Innovation, Technology and Telecommunications was defaced.
  • Hours later: Conti attacked an email server of the National Meteorological Institute, stealing sensitive information.

Government Response: Refusing to Pay Ransom Demand

The Costa Rican government refused to pay the ransom demand, labeling the hackers “terrorist groups.” As a result, the effects of the attack continued for several months, forcing the government to temporarily shut down computer systems used to declare taxes and control imports and exports.

Consequences of the Attack: Chaos in Various Sectors

  • Education: Teachers were unable to receive paychecks.
  • Healthcare: Health officials were unable to access medical records.
  • Commerce: Tax and customs systems were paralyzed.

International Response: Technical Assistance and Rewards

The Costa Rican government received technical assistance from Microsoft, as well as the governments of the United States, Israel, and Spain, to restore its services. The US State Department offered a $10 million reward for information leading to the identification of persons in a leadership position within the Conti Group.

A Warning: Ransomware Remains a Significant Threat

The Costa Rican government has vowed to take further measures to prevent similar attacks and is working on strengthening its cybersecurity infrastructure. The country’s experience serves as a warning that ransomware remains a significant threat to governments and institutions worldwide, emphasizing the need for vigilance and collaboration in addressing this menace.