Ransomware gang threatens to overthrow Costa Rica government
SAN JOSE, Costa Rica (AP) — A ransomware gang that infiltrated some Costa Rican government computer systems has upped its threat, saying its goal is now to overthrow the government.
Perhaps seizing on the fact that President Rodrigo Chaves had only been in office for a week, the Russian-speaking Conti gang tried to increase the pressure to pay a ransom by raising its demand to $20 million.
Chaves suggested Monday in a news conference that the attack was coming from inside as well as outside Costa Rica.
“We are at war and that's not an exaggeration,” Chaves said.
He said officials were battling a national terrorist group that had collaborators inside Costa Rica.
Chaves also said the impact was broader than previously known, with 27 government institutions, including municipalities and state-run utilities, affected.
He blamed his predecessor Carlos Alvarado for not investing in cybersecurity and for not more aggressively dealing with the attacks in the waning days of his government.
In a message Monday, Conti warned that it was working with people inside the government.
“We have our insiders in your government,” the group said.
“We are also working on gaining access to your other systems, you have no other options but to pay us. We know that you have hired a data recovery specialist, don't try to find workarounds.”
Conti attacked Costa Rica in April, accessing multiple critical systems in the Finance Ministry, including customs and tax collection. Other government systems were also affected and a month later not all are fully functioning.
Chaves declared a state of emergency over the attack as soon as he was sworn in last week. The US State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.
Follow The Gleaner on Twitter and Instagram @JamaicaGleaner and on Facebook @GleanerJamaica. Send us a message on WhatsApp at 1-876-499-0169 or email us at onlinefeedback@gleanerjm.com or editors@gleanerjm.com.