Security News > 2022 > May > Costa Rica’s public health agency hit by Hive ransomware
All computer systems on the network of Costa Rica's public health service are now offline following a Hive ransomware attack that hit them this morning.
The incident comes after Costa Rica declared a national emergency following Conti ransomware attacks that hit multiple government bodies, including the Costa Rican Social Security Fund.
While Conti is now slowly shutting down operations, it has partnered with numerous well-known ransomware operations, including Hive and HelloKitty, AvosLocker, BlackCat, BlackByte, and others.
"AdvIntel identified and confirmed with a high level of certainty that Conti has been working with HIVE for over half a year - since at least November 2021. We have identified extended evidence of HIVE actively using both the initial attack accesses provided by Conti and the services of Conti's pentesters," Advanced Intel's Yelisey Boguslavskiy told BleepingComputer.
"The same individuals were working for both Conti and HIVE, as it is seen in the same victims appearing on shame blogs of both HIVE and Conti simultaneously. HIVE currently serves as one of the negotiation escape roots for Conti."
"Conti members continue negotiations with the victims that they have previously breached under the HIVE brand. This gives them an opportunity to get paid, as, unlike Conti, HIVE is not associated with the direct support of the Russian invasion of Ukraine, despite the fact that the ransom paid to HIVE is most likely received by the same individuals within Conti who claimed the group's collective alignment to the Russian government."