Security News > 2022 > May > Conti Ransomware Attack Spurs State of Emergency in Costa Rica

Costa Rican President Rodrigo Chaves declared a state of national cybersecurity emergency over the weekend following a financially motivated Conti ransomware attack against his administration that has hamstrung the government and economy of the Latin American nation.

The attack-attributed to the prolific Conti ransomware group-occurred three weeks ago not long after Chaves took office; in fact, the state of emergency was one of his first decrees as president.

Costa Rica so far has declined to pay, which resulted in Conti updating its data-leak site on Monday with 97 percent of the 672 GB of data that the group claims contains information stolen from Costa Rican government agencies, BleepingComputer reported.

The attack on Costa Rica could be a sign of more Conti activity to come, as the group posted a message on their news site to the Costa Rican government that the attack is merely a "Demo version." The group also said the attack was solely motivated by financial gain as well as expressed general political disgust, another signal of more government-directed attacks.

Conti likely has every employee's personal login credentials to any Costa Rican government site that they visited during the time the ransomware was active on the system before it locked files, which poses a big problem for citizens using government services online if Conti indeed has leaked the info, he said.

To date, Conti has been responsible for hundreds of ransomware incidents over the past two years, with more than 1,000 victims paying more than $150 million to the group, according to the FBI. This gives Conti the dubious honor of being the costliest ransomware strain ever documented, according to the feds.

News URL

https://threatpost.com/conti-ransomware-attack-emergency-costa-rica/179560/