April 22 – In Costa Rica, a series of recent cyber attacks directed towards state computer systems are perceived as attempts to destabilize the country as it transitions to a new government.

This past week, six public institutions experienced significant cyber disruptions. The cyber crime group known as Conti claimed responsibility. Attackers demanded $10 million in exchange for releasing stolen or encrypted data from Costa Rica’s finance ministry.

In relation to the attacks, Costa Rican President Carlos Alvarado said “The Costa Rican state will not pay these cyber criminals anything.”

Information accessed

After meddling with the Treasury’s customs platforms, it appears that hackers managed to retrieve historical taxpayer information. Several online customs and tax platforms suspended operations for a few days in order to assess issues and solutions.

Incident effects

On Wednesday, the country’s exporters union reported losses of $200 million. The social security agency’s human resources system and the Labor Ministry were also affected.

Further information

Alvarado notes that officials are continuing to evaluate the damage, working through resolutions, and implementing means of preventing future attacks of a similar nature.

In March, the US Cybersecurity and Infrastructure Security Agency (CISA) warned of cyber attacks conducted by the Conti ransomware group. The Conti operators are known for running an organized operation.

The Conti ransomware group has publicly stated that it will support Russia in efforts to invade Ukraine. As a nation, Costa Rica expressed a divergent viewpoint on this geopolitical topic, which may or may not have served as the catalyst for Conti’s cyber attacks.

For more information about the Conti ransomware group, see CyberTalk.org’s past coverage. Lastly, to receive cutting-edge cyber security news, insights, best practices and analyses in your inbox each week, sign up for the CyberTalk.org newsletter.