"Conti Ransomware Attack Spurs State of Emergency in Costa Rica"

Rodrigo Chaves, the Costa Rican President, declared a state of national cybersecurity emergency following a financially-motivated Conti ransomware attack targeting his administration, which has disrupted the Latin American nation's government and economy. The attack, linked to the Conti ransomware group, occurred not long after Chaves took office. Impacted Costa Rican agencies include the Ministry of Labor and Social Security, the Ministry of Science, Innovation, Technology and Telecommunications, the National Meteorological Institute, and more. The entire scope of the damage is currently unknown. Conti reportedly demanded Costa Rica's government pay a ransom of $10 million to stop information stolen from the Ministry of Finance from being released. Costa Rica declined to pay, resulting in Conti updating its data leak site with 97 percent of the 672 GB of data claimed to have been stolen from Costa Rican government agencies. Conti is a Russian-speaking ransomware group known for specializing in double extortion in which threats are made to victims to expose their stolen data or use it for future attacks if they decide not to pay the demanded ransom. The Conti group operates on a Ransomware-as-a-Service (RaaS) model and has a network of affiliates and access brokers. The group also is known for launching attacks against hospitals, emergency number dispatch carriers, emergency medical services, and law-enforcement agencies. The US government recently announced that it is offering a reward of up to $10 million for information that could help identify or locate anyone with a leadership position in the Conti ransomware group. This article continues to discuss the Conti ransomware attack that made Costa Rica's new president declare a state of emergency and what the US is doing to help prevent future attacks such as the one on Costa Rica. 

Threatpost reports "Conti Ransomware Attack Spurs State of Emergency in Costa Rica"