QCOSTARICA – Can you imagine the immigration service hacked, the judicial system paralyzed by problems of access to electronic files, or the water service with problems attending to leaks or reconnecting services?
Well, a chain attack against Costa Rica is a latent danger from hackers, according to several experts consulted by La Republica.
And it is that a month after Conti attacked the Ministerio de Hacienda (Ministry of Finance or Treasury), and later Hive Ransomware Group hacked the systems of the Caja Costarricense de Seguro Social (CCSS), it would not be surprising that we could be hit by a paralysis in any other essential service provided by the State, for the hacking other institutions.
“What would happen, for example, if cybercriminals attack of the Instituto Costarricense de Electricidad companies (Grupo ICE) or the Instituto Nacional de Acueductos y Alcantarillados (AyA) – waters and sewers, or paralyze all air operations by hacking our international airports.
“Is Costa Rica really prepared to prevent this type of attack?” asks Luis Adrián Salazar, former Minister of Science and Technology (Micitt).
In this sense, it is worth remembering that one of the entities attacked by Conti months ago was precisely the JASEC, which provides electricity and telecommunications to the province of Cartago. Fortunately, that hack was minor at that time. But the floodgate was opened.
Over at the Treasury, the computer systems for taxation and customs continue to be down, without an estimated date of restoration, and it is that when a country prides itself on having a Government whose public policy is to digitize its processes, redoing the procedures “a mano” (by hand) represents a disorder for officials and users.
At the Caja, officials deny the institution being in a “coma” state, as systems remain offline, voluntarily to avoid further hacking, while the IT techs carry out an analysis and cleaning of its computer platforms continue, which means that the institution is sedated.
“The Government must responsibly prove responsibility for this crisis. Likewise, legal and regulatory regulations on computer security in public institutions must be strengthened, such as the establishment of sanctions for entities that do not meet the minimum protection standards,” suggests Esteban Jiménez, founder of ATTI Cyber.
Providing a strong budget to the Micitt, as the maximum executor of policies regarding cybersecurity in public institutions, is something that the minister, Carlos Alvarado Briceño, himself has requested and with which Jiménez agrees, considering it “unforgivable ” that the institution in charge of executing said policies does not have the financial resources to act.
The “war” declared by cybercriminals against the Government of Costa Rica, has the country in a state of emergency since May 8, when President Rodrigo Chaves assumed his constitutional mandate.
To be clear, the hacking of the Treasury occurred weeks later, on April 18, prior to Chaves being sworn in as president, but it is on May 8 when hackers went all out, attacking systems of more than 30 institutions, including the Caja.
Since then, different actions have been taken to try to face the situation, which is currently in a vulnerability analysis phase by the technical committee formed by the Presidency and integrated by the Micitt, as well as ICE and the Comisión Nacional de Emergencias (CNE) – National Emergency Commission, as the entity, by law, governing the management of this situation.
David and Goliath
In this fight against cybercriminals, Costa Rica is at a clear disadvantage, according to experts La Republica consulted, a scenario that could change as long as the authorities are transparent regarding the results of the real cybersecurity situation faced by the institutions and the country can count on the economic and human resources to face the crisis.
“The Government must give a status as soon as possible of the affectation of the institutions already attacked, and of the preventive measures for those that have not yet been violated. There are many basic services that can be attacked by cybercriminals, and they do not wait; they just act,” said Luis Adrián Salazar, former Minister of Science and Technology.
“In my opinion, since the first massive attack by Conti, the process has been handled in a disorderly manner and has been misdirected. It is regulated, but it is not controlled efficiently; it is ordered, but it is executed slowly and that is fertile ground for new cyberattacks, even larger scale than those we have witnessed in recent weeks,” according to Esteban Jiménez, founder of ATTI Cyber and cybersecurity expert.
Conti decreases reward and asks for $15M
In recent days, the Conti cybercriminals have reduced their demand of US$20 million dollars to US$15 million from the government of Costa Rica, assuring that if not paid they would delete sensitive data stolen.
The group originally demanded US$10 million for the hack of the Treasury.
Reports are that there has been contact between the hackers and the Government, but have not reached any agreement.
The current administration is managing this crisis as a national security emergency and the presence of Conti’s accomplices in Costa Rica has been confirmed, as President Rodrigo Chaves assured weeks ago.
With files from La Republlica; Presidencia