QCOSTARICA – The Caja Costarricense de Seguro Social (CCSS) – Costa Rican Social Security Fund – declared an institutional state of emergency due to cyberattacks that affected most of the services and more than half of its servers.
The Caja hopes that the measure will allow it to strengthen human resources, apply exceptional administrative contracting mechanisms and have access to financial resources to resolve incidents related to the emergency.
Mario Vílchez, director of the Center for Emergency and Disaster Care (Centro de Atención de Emergencias y Desastres – CAED) of the CCSS, indicated that this circumstance allows for an increase in the human resource that attends to the situation.
“It is important to emphasize that the Caja began dealing with this emergency at the very moment the cyberattack began, applying the immediate response procedures that have been established,” he clarified.
CCSS authorities also ordered the central, regional and local Operations Coordination Centers to remain in operation. Also, apply the exception mechanisms that are necessary to guarantee the continuity of services.
All these decisions were communicated this Thursday, in the letter GA-CAED-0260-2022; they are binding for all institutional units, reported the press office of the CCSS.
On Thursday, the CCSS had not updated the data on the affectation of servers and user terminals. On Wednesday, June 1, CCSS executive president, Álvaro Ramos, confirmed that the affectation rose from 30 to 800 servers (53%) and that there were 9,000 infected individual computers, 22% of the 40,000 that the institution has.
In addition, about 12,560 people had their medical appointments, including surgeries, cancelled on Thursday.
It is suspected that the malware entered the CCSS systems through a terminal or personal computer. Once inside, it dealt the final blow on May 31 when it was activated and altered the systems.
The indications suggest that the hackers began to develop their cyberattack in February, when in the so-called “dark web”, they began to offer information about the CCSS.
Keeping in line with President Rodrigo Chaves’ was on the cyberattacks that began with a hack of the Ministerio Hacienda (Treasury) systems on April 18, moving to other public and autonomous institutions and the demand of US$20 million dollars in ransom, Chaves said on Wednesday that he issued the order to investigate the CCSS Technology Directorate to punish those responsible if it is shown that they acted negligently or irresponsibly after the cyber attack.
According to the latest report, the attacks affected 27 institutions, but the cases with the most serious consequences have been the Treasury and the CCSS.
“In a warned war, a soldier should not have died. Costa Rica knew there was a terrorist attack (…). It is unacceptable. I am not going to judge in advance, but there is a very clear order from Álvaro Ramos and myself to investigate this to the very bottom and take the corresponding sanctions with the full weight of the law,” warned the president.
