Costa Rica declares national emergency after Conti ransomware attacks
Date:
Tue, 10 May 2022 12:01:22 +0000
Description:
Conti operators released almost 700GB of sensitive data, prompting government action.
FULL STORY ======================================================================
The Costa Rican government is under such immense ransomware attack that it
has reportedly been forced to declare a state of national emergency.
BleepingComputer claims that the countrys president Rodrigo Chaves, signed the declaration into law on April 8, the same day he took office.
"The attack that Costa Rica is suffering from cybercriminals, cyberterrorists is declared a national emergency and we are signing this decree, precisely,
to declare a state of national emergency in the entire public sector of the Costa Rican State and allow our society to respond to these attacks as criminal acts," the President was cited as saying.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Demanding $10 million in payment
"We signed the decree so that the country can defend itself from the criminal attack that cybercriminals are making us. That is an attack on the Homeland and we signed the decree to have a better way of defending ourselves," added President Chaves.
So far, it would seem that its not a nation-state, or state-sponsored actor behind the attack, but rather a financially motivated group known as UNC1756. The group deployed the Conti ransomware against a number of government endpoints , causing major disruptions in both public and private sectors as government procedures, signatures, and stamps, have all been disrupted.
Among the affected organizations are the Costa Rican Finance Ministry, the Ministry of Labor and Social Security, the Social Development and Family Allowances Fund, and the Interuniversity Headquarters of Alajuela. Read more
Conti ransomware group has internal chats leaked after siding with Russia
Windows and LinkedIn flaws used in Conti ransomware attacks, Google warns
A lone-wolf researcher has turned the table on the hackers
Other agencies, seemingly affected by the disruption, include the Administrative Board of the Electrical Service of the province of Cartago,
the Ministry of Science, Innovation, Technology, and Telecommunications, the National Meteorological Institute, Radiographic Costarricense, and the Costa Rican Social Security Fund.
The attack seems to have kicked off in mid-April, with the threat actors allegedly demanding $10 million from the Ministry of Finance. The
organization declined to pay the ransom, kicking off a major data dump by the threat actor.
So far, UNC1756 leaked 97% of its stolen data dump, which counts 672 GB of sensitive information. To make matters worse, the group has threatened future attacks of a more serious form, too.
Currently, theres a bounty on Contis leadership and operators. The US government is willing to give $15 million to whoever comes forth with any information that might lead to the identification, locating, and
consequently, to the arrest, of these individuals. Protect your premises from ransomware with the best firewalls around
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/costa-rica-declares-national-emergency-after-co nti-ransomware-attacks/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)