By Kevin
Collier
Costa Rica has declared a state of emergency after hackers launched a
ransomware cyberattack -
a program that restricts access to the infected operating system and demands a ransom in exchange for removing this restriction - and paralyzed the computer networks of various government agencies, including the Ministry of Finance.
The official statement, published on the government website on Wednesday, announced that the attack was "unprecedented in the country" and that it disrupted tax collection and exposed citizens' personal information.
[Reopens Costa Rica airport where a DHL plane split in two]
The hackers initially broke into the Ministry of Finance on April 12, according to the statement.
They were able to extend to other agencies, such as the Ministry of Science, Technology and Telecommunications and the National Institute of Meteorology.
The new president of Costa Rica, Rodrigo Chaves, speaks during his first presidential speech today at the parliament in San José, Costa Rica, on May 8, 2022. Welcome Velasco / EFE
León Weinstok, director of the Costa Rican office of the BLP law firm, which specializes in cybersecurity law, said the attack had severely affected the country's ability to function.
“The government has been very, very affected.
It is impossible to quantify the losses at this time,” Weinstok said.
[Microsoft confirms serious cyberattack against Ukraine]
Ransomware
hackers
encrypt victims' computer networks and demand payment that they say will unlock them, though that process doesn't always work.
Costa Rica never considered paying the ransom, as it is against national law to participate in these types of negotiations, according to Weinstok.
The president of Costa Rica, Rodrigo Chaves, has just taken office on Sunday.
The emergency declaration authorizes you to hire outside cybersecurity experts without waiting for permission from the country's legislature.
They capture the fall of a Christ in the procession of Holy Week in Costa Rica
April 14, 202200:26
The perpetrator of the attack is Conti, one of the
most destructive active
ransomware gangs.
These groups often try to extort money from victims by threatening to publish the stolen data, and Conti posted a large cache of documents, purportedly from Costa Rican government sites, on his dark web page on Sunday.
Conti is perhaps most famous for having hacked into and severely disrupted Ireland's national health system last year.
Although membership of
ransomware
gangs is usually fluid, the gang is mostly made up of Russian and Eastern European hackers.
[Meatpacker JBS paid $11 million ransom to hackers who attacked its servers]
He declared his allegiance to Russia when the country invaded Ukraine in February, according to Brett Callow, a
ransomware
analyst at cybersecurity firm Emsisoft.
On Friday, the US State Department said the group was responsible for the Costa Rica hack and offered a $10 million reward for help bringing the Conti hackers to justice.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/HLK7GOESWRBMZA2KE2VATJISN4.jpg)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/XCA4CVL2DZHTHIBQ6Q2XMP2JGY.jpg)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/5OEFXRUP6BFYRM3645I2WOWNVQ.jpg)
