QCOSTARICA – The Government of Costa Rica continues to face the most serious cyberattack of which it has been a victim and, although it affirms that the situation is under control, this case has revealed the need to firmly commit to cybersecurity both in the public sphere and in the private.
Costa Rica is going through the eighth day of the attack attributed to the international group Conti and that has mainly affected the Ministry of Finance, and to a lesser extent, the Ministry of Labor, the Ministry of Innovation, Science, Technology and Telecommunications, the Costa Rican Insurance Fund Social, Costa Rican Radiographic and the National Meteorological Institute.
The attack caused the Ministry of Finance to disable the ATV platform, which is used to declare and pay taxes, since last Monday; the TICA, through which exports and imports are processed, and also the systems for the payment of salaries of the central government.
The Government assured that it is carrying out a contingency plan and guaranteed that the payments of salaries, pensions, debt and other obligations will be made on the established dates, although there is no certainty when the technical work that will allow the disabled platforms to be restored will end.
For the exporting and importing sector, the Ministry of Finance established a manual way of carrying out the procedures that, according to the Chamber of Exporters, dates back to 2008 and should be simplified since it adds a series of procedures that make the process cumbersome.
A criminal cyber attack on the State
The Conti group published on the Internet a ransom demand for US$10 million dollars in exchange for not disclosing the information it obtained from the Ministry of Finance. The Government of Carlos Alvarado announced that it will not establish direct contact or pay any sum.
Alvarado referred to the situation in a video this Thursday and stated that, in his opinion, this attack “is not a matter of money” but “seeks to threaten the stability of the country in a situation of transition”.
At noon on May 8, Alvarado’s mandate ends and will transfer power to President-elect Rodrigo Chaves.
“This is not just an attack on institutions, the Government, importers or exporters, it is a criminal cyberattack on the State and the entire country. Nor can it be separated from the complex global geopolitical situation,” said the president.
Alvarado assured that the situation is being addressed “rigorously, seriously and with determination” and emphasized that at this time the union of the public, private and academic spheres is “critical”, as well as “discipline with the implementation of the measures to strengthen cybersecurity.
The Government assures that it is prepared to deal with this type of attack and that it has the support of companies such as Microsoft and GBM, as well as international organizations and friendly countries such as the United States, Spain and Israel.
A culture of prevention
The director of Digital Governance, Jorge Mora, stated that Costa Rica is the only country in the region that has a cybersecurity cluster (conglomerate) that involves the public and private sectors, and that in terms of cybersecurity it is the eighth best-positioned country in the Americas.
Mora also made a call to change the culture regarding cybersecurity, since he considers that society, in general, sees it as an expense and not as insurance.
The Minister of Finance, Elian Villegas, also complained this week about a cut applied by Congress to this year’s state budget in an item destined for cybersecurity.
Cybersecurity companies have insisted in this situation that investment in this matter is urgent in public and private companies, in order to develop programs or defenses that adapt to the needs of control and security of confidential data.
Soluciones Seguras stated that the Government sector continues to be one of the sectors that receive the most cyberattacks in the country with an average of 1,581 weekly, followed by the communications sector with 1,513.
It added that the Emotet Trojan remains at the top of the most important list of malicious programs in Costa Rica.
The main countries suffering attacks are the United States (54%), China (7%), Korea (6%), Costa Rica (6%), Russia (5%), and Germany (4%), among others.