Friday 8 December 2023

Costa Rica did not pay hackerCosta Rica did not pay hackers, rather millions to restore data from the Treasury and the CCSS

Despite the efforts, clinical data of patients disappeared forever, according to the Micitt leader

Paying the bills


Bailey Bridge will ease traffic congestion in front of San Jose airport

QCOSTARICA -- On Friday (tomorrow) traffic will be enabled...

Half of Ticos will vote in municipal elections, UNA survey

QCOSTARICA -- 46.3% of voters are 100% convinced that...

Fidel’s Sister and Outspoken Critic, Juanita Castro, Dies in Miami

Q24N - Juanita Castro, the younger sister of Fidel...

Exploring the potential of AI in sports betting

Sports betting is a popular and exciting activity that...

18% of businesses report being affected by insecurity

QCOSTARICA -- 18% of businesses report having been harmed...

A disoriented government leads the country to the greatest security crisis in its history

QCOSTARICA -  Géiner Gómez is the agent of the...

Dollar Exchange

¢526.83 BUY

¢532.24 SELL

8 December 2023 - At The Banks - Source: BCCR

Paying the bills


QCOSTARICA — The government of Costa Rica invested a total of $25 million dollars in the attempt to partially recover the data that had been stolen by Conti and Hive Ransomware between April and May last year, which had targeted the Ministerio de Hacienda (Ministry of Finance) and the Caja Costarricense de Seguro Social (CCSS) or Caja.

“A wealth of lessons learned after the hacking of the Treasury and the Caja last year are expected to be applied by the different institutions in order to avoid again spending large amounts of money to repair damage caused by hackers,” said Paula Bogantes, minister of Micitt.  image: La Republica

The governing authorities have made public this information, for the first time, which is in stark contrast to the sum of money that the perpetrators were demanding from the Government to unlock the encrypted data.

In the case of Conti, the Russian group demanded payment of US$20 million, then lowered it to US$15 million, and finally, in the absence of a response, finalized their offer at US$10 million; money that, according to the Costa Rica Presiden Rodrigo Chaves was not paid to the hackers. This is according to what was said in a discussion on cybersecurity that took place during his visit to the United States last month.

- Advertisement -

On the other hand, Hive Ransomware Group demanded US$5 million payable in Bitcoins for the return of the data stolen from the CCSS servers, which included, among others, patient data that unfortunately could not be recovered, as confirmed by the Minister Science and Technology (Micitt), Paula Bogantes, this week at a press conference.

In the midst of this panorama of “war” as it was described by President Chaves himself, motivating him on his first day in office to declare a national emergency for such violations, the question arises as to how convenient it would have been to have negotiated with the attackers, or to seek other methods to recover data, seen from an investment perspective.

The advantages of paying the ransom would have resulted in the probability of recovering the encrypted data faster, and possibly a complete data restoration. It would have also reduced the operational paralysis of the affected government agencies, especially in critical environments.

The disadvantage is that there was no guarantee that the hackers would just hand over the information, giving incentive for cybercriminals to carry out more attacks.

“When you pay hackers, you have a 70% chance that what they give you is a key to decrypt the information, nothing more; this at best; But if you do not respond to their demands, the data recovery time can be long, or even non-existent,” explains Juan Baby, an Israeli ethical hacker with military experience in his country.

This expert’s premise regarding this last point was reflected in the definitive disappearance of digital files of the Caja’s insured, particularly in areas such as oncology, which represented a serious aggravating circumstance with regard to their treatment and clinical history, which was also publicly reaffirmed by Bogantes.

- Advertisement -

“Cybersecurity is not an expense, it is an investment,” added the Minister, who recently confirmed publicly that the increase in the national budget allocated to Micitt, as well as donations from the United States Government, will be used to strengthen the economic muscle in the face of the challenges that lie ahead in this matter.

What awaits Costa Rica in terms of cybersecurity for 2024? After more than 770 million cyberattack attempts were reported in the first half of this year, according to a report prepared by the specialized firm Fortinet, some experts consulted expressed their points of view in order to avoid a further escalation of attacks. cyberattacks next year, even in light of new technologies.

Paula Brenes Former Director of Digital Governance at Micitt: “Cybersecurity in the health sector must be a priority attention section in the National Cybersecurity Strategy, as well as essential services and critical infrastructure. “Public-private alliances are key in an emergency situation like the one suffered; it is necessary to have the legal framework and prior relationships that allow the immediate execution of actions.”

Marvin Soto, a Costa Rican specialist recognized among the 100 best ethical hackers in the world: “Generation of malicious codes, the discovery of surfaces and other vectors of cyber attacks are possible to execute through Artificial Intelligence, aimed at taking advantage of vulnerabilities through the development of languages or applications that could once again put the country’s institutions in check”.

- Advertisement -



- Advertisement -
Paying the bills
"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

Hackers Attack Guatemalan Government Webpages

Q24N (Associated Press) GUATEMALA CITY - In what Guatemalan authorities described...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.