More

    13 Billion Colones Will Cost Costa Rica To Rehabilitate And Rebuild Systems After Cyberattack

    A total of seven institutions have been severely harmed by Conti

    Must Read

    TCRN STAFFhttps://www.TheCostaRicaNews.com
    Creating a Conscious alternative news network that we feel the world needs. Pura Vida!

    A total of more than โ‚ก13,418,907,369 will cost the Costa Rican State to rehabilitate and rebuild the systems of seven institutions after the cyberattack produced by Conti since April of this year. This is mentioned in the General Emergency Plan for Cyberattack, published this Wednesday, August 24th, in La Gaceta.

    These are the Ministries of Finance, Science, Innovation, Technology and Telecommunications (MICITT), Labor and Social Security (MTSS). As well as the Costa Rican Social Security Fund (CCSS), the National Meteorological Institute (IMN), the Administrative Board of the Municipal Electrical Service of Cartago (Jasec) and the Alajuela Interuniversity Headquarters (SIUA).

    The objective of the plan, it mentions, is to develop actions, works and services necessary to contain, solve and prevent new attacks against the Information Systems of the Costa Rican State, specifically the institutions that received the cyber attack.

    Emergency care will be attended with the institutions’ own funds as well as with resources from the National Emergency Fund (FNE). In detail, these are the institutions that are in the phase of rehabilitation and reconstruction of systems:

    Rehabilitation Phase

    • Costa Rican Social Security Fund (CCSS). It will use its own resources for โ‚ก10,000,000,000.
    • Treasury. With resources from the National Emergency Fund, it uses โ‚ก917,500 and with its own funds โ‚ก1,123,625,974.

    Reconstruction Phase

    • Treasury. In this phase, the institution will resort to โ‚ก1,049,388,494 from the National Emergency Fund to rehabilitate its systems.
    • Ministry of Science, Innovation, Technology and Telecommunications (MICITT). He will require โ‚ก641,475,400 from the National Emergency Fund to attend to his situation.
    • Ministry of Labor and Social Security (MTSS). Estimates the use of โ‚ก345,000,000 from the National Emergency Fund.
    • National Meteorological Institute (IMN). With resources from the National Emergency Fund, it plans to rehabilitate its systems using โ‚ก66,000,000.
    • Administrative Board of the Municipal Electrical Service of Cartago (Jasec). The entity of the province will require about โ‚ก130,000,000 from the National Emergency Fund and with its own resources will attend to its situation with โ‚ก34,000,000.
    •  
    • Alajuela Interuniversity Headquarters (SIUA). The institution mentions in the plan that it needs lliance โ‚ก28,500,000 from the National Emergency Fund.

    According to the CNE, the National Emergency Plan was prepared lliance the information provided by the Ministry of Science, Innovation, Technology and Telecommunications (MICITT), –as rector in the matterโ€”and by the institutions that have been affected to date. The document also mentions other actions such as the response to the events, institutional activation and guidance to execute the reconstruction phases.

    Deficiencies in system protection

    Precisely, on June 27, the minister of the llian portfolio, Carlos Enrique Alvarado, announced an lliance with the National Council of Rectors (Conare) and public universities to address the current situation in the country due to cyber attacks on state entities.

    On that occasion, he released a series of findings in 226 institutions that have deficiencies in their systems:

    • 188 institutions DO NOT have specialized Cybersecurity personnel to manage the systems.
    • 28 institutions have systems developed by third parties, but they do NOT include security aspects.
    • 41 institutions DO NOT make backup copies of the systems that are hosted by a third party.

    Of the systems that are administered by third parties, 28.8% (65 institutions) do not have a record of the activity carried out by the administrators in their systems.

    cyberattack

    There are 38 institutions that have not implemented DNS security and protection systems:

    — 104 (46%) institutions do not have EDR protection systems.

    — 43.8%, 99 institutions have NOT implemented double factor authentication in their systems.

    — 38.9%, 88 institutions have operating systems out of support, however, that number is higher since many indicated that they only had a few computers, so the percentage increases to almost 50%.

    — 94 (41.6%) institutions have NOT performed security audits on their servers.

    — 51 institutions do NOT have defined policies for backup copies.

    — 38.1% (86) institutions DO NOT carry out backup restoration tests.

    — 16.4% (37) institutions DO NOT have the site configured to prevent SQL injection type attacks.

    — 42.9% (97) institutions DO NOT have active unnecessary services such as SSH, FTP, telnet.

    — 32.3% (73) institutions have NOT configured a concurrent access limit to avoid DDoS denial of service attacks.

    - Advertisement -
    - Advertisement -
    - Advertisement -

    Subscribe to our newsletter

    Get all the latest news, events, offers and special announcements.

    Latest News

    Indigenous Theater Gains More Audiences in Canada

    In the evolution of indigenous theater in Canada, it is hard to believe that there was a time when...
    - Advertisement -

    More Articles Like This

    - Advertisement -
    Language ยป