AP

Ransomware gang threatens to overthrow Costa Rica government

May 16, 2022, 8:49 AM | Updated: May 19, 2022, 9:49 am

SAN JOSE, Costa Rica (AP) — A ransomware gang that infiltrated some Costa Rican government computer systems has upped its threat, saying its goal is now to overthrow the government.

Perhaps seizing on the fact that President Rodrigo Chaves had only been in office for a week, the Russian-speaking Conti gang tried to increase the pressure to pay a ransom by raising its demand to $20 million.

Chaves suggested Monday in a news conference that the attack was coming from inside as well as outside Costa Rica.

“We are at war and that’s not an exaggeration,” Chaves said. He said officials were battling a national terrorist group that had collaborators inside Costa Rica.

Chaves also said the impact was broader than previously known, with 27 government institutions, including municipalities and state-run utilities, affected. He blamed his predecessor Carlos Alvarado for not investing in cybersecurity and for not more aggressively dealing with the attacks in the waning days of his government.

In a message Monday, Conti warned that it was working with people inside the government.

“We have our insiders in your government,” the group said. “We are also working on gaining access to your other systems, you have no other options but to pay us. We know that you have hired a data recovery specialist, don’t try to find workarounds.”

Despite Conti’s threat, experts see regime change as a highly unlikely — or even the real goal.

“We haven’t seen anything even close to this before and it’s quite a unique situation,” said Brett Callow, a ransomware analyst at Emsisoft. “The threat to overthrow the government is simply them making noise and not to be taken too seriously, I wouldn’t say.

“However, the threat that they could cause more disruption than they already have is potentially real and that there is no way of knowing how many other government departments they may have compromised but not yet encrypted.”

Conti attacked Costa Rica in April, accessing multiple critical systems in the Finance Ministry, including customs and tax collection. Other government systems were also affected and a month later not all are fully functioning.

Chaves declared a state of emergency over the attack as soon as he was sworn in last week. The U.S. State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.

Conti responded by writing, “We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency.”

The gang also said it was raising the ransom demand to $20 million. It called on Costa Ricans to pressure their government to pay.

The attack has encrypted government data and the gang said Saturday that if the ransom wasn’t paid in one week, it would delete the decryption keys.

The U.S. State Department statement last week said the Conti group had been responsible for hundreds of ransomware incidents during the past two years.

“The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented,” the statement said.

While the attack is adding unwanted stress to Chaves’ early days in office, it’s unlikely there was anything but a monetary motivation for the gang.

“I believe this is simply a for-profit cyber attack,” Callow, the analyst said. “Nothing more.”

__

Associated Press writer Christopher Sherman in Mexico City contributed to this report.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

This satellite image from Planet Labs PBC shows Iran's nuclear site in Isfahan, Iran, April 4, 2024...

Associated Press

Israel, Iran play down apparent Israeli strike. The muted responses could calm tensions — for now

Israel and Iran are both playing down an apparent Israeli airstrike near a major air base and nuclear site in central Iran.

24 hours ago

Speaker of the House Mike Johnson, R-La., talks to reporters just after lawmakers pushed a $95 bill...

Associated Press

Ukraine, Israel aid advances in rare House vote as Democrats help Republicans push it forward

The House pushed ahead Friday on a foreign aid package of $95 billion for Ukraine, Israel, Taiwan and other sources of humanitarian support.

1 day ago

southern Arizona rancher George Alan Kelly...

Associated Press

Trial of a southern Arizona rancher charged in fatal shooting of unarmed migrant goes to the jury

Closing arguments were made against a southern Arizona rancher accused of shooting an undocumented migrant on his land to death on Thursday.

2 days ago

Donald Trump's hush money trial: 12 jurors selected...

Associated Press

Although 12 jurors were picked for Donald Trump’s hush money trial, selection of alternates is ongoing

A jury of 12 people was seated Thursday in former President Donald Trump's hush money trial. The proceedings are close to opening statements.

2 days ago

A anti-abortion supporter stands outside the House chamber, Wednesday, April 17, 2024, at the Capit...

Associated Press

Democrats clear path to bring proposed repeal of Arizona’s near-total abortion ban to a vote

Democrats in the Arizona Senate cleared a path to bring a proposed repeal of the state’s near-total ban on abortions to a vote.

3 days ago

Most Americans are sleepy new Gallup poll finds...

Associated Press

Most Americans say they don’t get enough sleep, according to new Gallup poll

A new Gallup poll found that most Americans are sleepy — or, at least, they say they are. Multiple factors play into this.

5 days ago

Sponsored Articles

...

Collins Comfort Masters

Here’s 1 way to ensure your family is drinking safe water

Water is maybe one of the most important resources in our lives, and especially if you have kids, you want them to have access to safe water.

...

Day & Night Air Conditioning, Heating and Plumbing

Day & Night is looking for the oldest AC in the Valley

Does your air conditioner make weird noises or a burning smell when it starts? If so, you may be due for an AC unit replacement.

...

Collins Comfort Masters

Avoid a potential emergency and get your home’s heating and furnace safety checked

With the weather getting colder throughout the Valley, the best time to make sure your heating is all up to date is now. 

Ransomware gang threatens to overthrow Costa Rica government