All of Costa Rica went into a state of emergency after it experienced a severe digital attack. Perpetrators managed to infect multiple government agencies. It not only crippled the operation of some of the most critical national infrastructure. Additionally, it exposed people’s private information and showcased how dangerous such attacks can be to countries.
How did it happen? And the people behind the attack
The Costa Rican president was compelled to declare a state of emergency in his nation after a massive attack launched by the Conti ransomware group. This group is linked to the Wizard Spider cybercrime syndicate behind numerous digital attacks, including the hospital targeting Ryuk malware.
The initial attacks were launched on April 12 and hacked into the Finance Ministry. From that point, hackers were able to infect other agencies like Technology and Telecommunications. Essentially, the malware worked as a ransomware threat. It encrypts data on victims’ computers and demands a ransom.
The Costa Rican government’s response
The Conti group demanded a $10 million ransom from the Costa Rican Finance Ministry after the initial attack was launched. The government of Costa Rica never considered paying this ransom.
The Conti group released 97% of the 672 GB of total data they had stolen from the Costa Rican Government as a response.
The exact scale of the attack is yet to be confirmed by the Costa Rican Ministry of Finance. The stolen data might well include the personal details of Costa Rican taxpayers. When you consider that, it is a major data breach that has potentially affected all of Costa Rica. No wonder then that a state of emergency has been declared.
The United States government’s support
In what shall come as bad news for criminal elements, the United States government has come ahead with an offer of a reward of $10 million for any information that may help authorities trace and reach those behind the attack. Another $5 million shall be rewarded if shared information leads to arrest and conviction.
It demonstrates the United States’ deep commitment to standing by ransomware victims in all corners of the world, protecting them from being exploited by cybercriminals.
The signing of the emergency decree
The president of Costa Rica, Rodrigo Chaves, accompanied by Natalia Diaz, Minister of the Presidency, and Carlos Alvarado, Minister of Science, Innovation, Technology, and Telecommunications, announced before an astounding nation that they were signing a decree declaring a national emergency in all of Costa Rica’s public sector. The emergency was declared to allow the country to launch a coordinated response to the devastating digital attack.
Only a single individual threat actor, UNC1756, has claimed responsibility for the attack. Since ransoms haven’t been paid, they have made a chilling threat of launching more attacks that’ll be even more damaging. Therefore, Costa Rican authorities need to be more vigilant than ever currently.
It was believed that the emergency would allow agencies to move more swiftly and initiate a credible response. However, it could still take months to make even partial recovery, and the entire data may never be recovered.
There may be backups of some taxpayer information available with the government. However, having them online will be time-consuming. Moreover, the government must first ensure that Conti’s access to its systems is removed.
Stay safe online in the face of digital threats
The attacks witnessed in Costa Rica depict how much damage a ransomware virus can cause. Government institutions should have appropriate security mechanisms in place to safeguard against such threats.
However, ransomware is not only after governments or high-profile victims. It can infect anyone, and there are many other infections that users should also be aware of. The biggest threat of ransomware is that it encrypts files, making them unusable. However, if you manage to back up computers and their assets, there will be no reason to pay the ransom.
Also, experts highly recommend having a robust anti-virus tool for detecting and removing malware. It is one of the most essential tools users and government institutions should have. However, it is not the only one.
Another effective way to protect yourself from threats online is to use a VPN for PC. A Virtual Private Network reroutes your traffic through a remote server and makes requests on your behalf. It ensures that your real IP address is never revealed to online entities. Additionally, VPNs encrypt internet traffic, meaning there are fewer chances of anyone snooping on your activities and data.
The attack on Costa Rica proves that ransomware attacks are still very much around. People are still caught unawares with ransomware breaching their defenses through emails. When cloud computing takes off, things are likely to get worse.
A ransomware attack has brought an entire nation to its knees. It shows how crippling such attacks can be and highlights the importance of being on our guard. What the Conti group has done to Costa Rica can also happen to individual users. Staying cautious and watching your step is the key.